Report - foodheed.com/irtu/index.php?QBOT.zip

Report Overview

Submitted URL
foodheed.com/irtu/index.php?QBOT.zip
IP
199.188.200.95
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-07 17:58:46
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.51.98
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	489 B	2.3 kB	142.250.74.106
rtg.prdredir.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	498 B	1.1 kB	172.64.161.2
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	11 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	15 kB	216.58.211.3
zeniocloud.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	971 B	167.114.67.56
www.googleadservices.com	107	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	18 kB	142.250.74.162
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.6 kB	172.217.21.162
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	73 kB	34.120.237.76
long.interestmoments.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	977 B	193.169.194.63
11641679.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	623 B	2.9 kB	142.250.74.38
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	624 B	1.2 kB	142.250.74.34
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	626 B	556 B	216.239.34.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	48 kB	143.204.55.67
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	496 B	104.18.226.52
way.specialblueitems.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	3.4 kB	159.69.234.10
js.interestmoments.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	2.6 kB	193.169.194.63
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	633 B	919 B	142.250.74.34
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.5 kB	216.58.207.228
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	104 kB	142.250.74.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
foodheed.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.5 kB	912 kB	199.188.200.95
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	58 kB	172.217.21.168
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.3 kB	93.184.220.29
biamo.bet	297498	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	81 kB	1.6 MB	108.156.60.56
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	45 kB	142.250.74.110
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.4 kB	104.18.20.226
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	74 kB	77.88.21.119
scripts.prdredir.com	84465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	8.4 kB	172.64.161.2
thirawogla.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	544 B	2.4 kB	88.85.94.246

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed
2022-12-07	medium	foodheed.com	Sinkholed

JavaScript (60)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	mc.yandex.ru/metrika/tag.js	214 kB	2023-03-08	2023-03-11
Pretty URL mc.yandex.ru/metrika/tag.js IP 77.88.21.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:44 Last Seen2023-03-11 23:51:42 Times Seen1 Hash eed495e5f5918b605647ddfabccaa865 a0f16bf130bfc3755630e6e522d9fb3463919ab9 b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9 Loading...

	foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 10:10:59 Times Seen68662 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	thirawogla.com/bN3OV_0.PQ2RhS0TY-XVRWiXPYT_EambccndJ-pfZgDh0i3_OkWlFmhnZ-DpIqwrMsm_JumvMwWxI-wzYA2BYCx_ZEDFYGxHY-mJZKlLYMW_ROlPZQjRU-yTMUzVYW5_OYSZZaybc-3dJejfPgW_hipjck3lR-vnconplqi_YsWtNurvJ-nxNyJzZAD_0C0DNETFk-zHMIzJcK2_JMnNpOvPb-mRVSJTZUD_0W0XNYTZk-zbMczdce2_	20 B	2023-03-07	2023-04-05
Pretty URL thirawogla.com/bN3OV_0.PQ2RhS0TY-XVRWiXPYT_EambccndJ-pfZgDh0i3_OkWlFmhnZ-DpIqwrMsm_JumvMwWxI-wzYA2BYCx_ZEDFYGxHY-mJZKlLYMW_ROlPZQjRU-yTMUzVYW5_OYSZZaybc-3dJejfPgW_hipjck3lR-vnconplqi_YsWtNurvJ-nxNyJzZAD_0C0DNETFk-zHMIzJcK2_JMnNpOvPb-mRVSJTZUD_0W0XNYTZk-zbMczdce2_ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2023-04-05 02:11:48 Times Seen90 Hash 5d1e77763de87e5b2fdbedecb756e1c0 969399893bd3f7eb2fa4927c90b5718328eb786a d6fa7cef1211485641c946032be6ffc4293f76d0356902b8de61604c2a60987d Loading...

	biamo.bet/static/dist/polyfills.7c4e8a3bf53f3c3e.js	78 kB	2023-03-07	2023-03-13
Pretty URL biamo.bet/static/dist/polyfills.7c4e8a3bf53f3c3e.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:43 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 920cd368d23d75b2a98921213ddff59f 9fba0547d7805cf1ff4b22d38ad8e73017305360 c129a786372e5a978fe262596b2da7d2317ba312163791e36b87fe522c93acea Loading...

	www.googletagmanager.com/gtag/js?id=G-4L2GVL08BD&l=dataLayer&cx=c	192 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-4L2GVL08BD&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:21 Last Seen2023-03-08 21:04:21 Times Seen1 Hash 83dd7693afc5873ba539f70eeb5b9d1d 3b02ff5d2951a68dce465dc91b173ccb54e5f7d4 5d93b93021fbe4b8a563da6e845b2eb8203393813a9a423bc6fbf702600ec3db Loading...

	onesignal.com/api/v1/sync/9b17625f-ec13-4f14-ba3c-a6e8a81935ef/web?callback=__jp0	5.1 kB	2023-03-08	2023-03-08
Pretty URL onesignal.com/api/v1/sync/9b17625f-ec13-4f14-ba3c-a6e8a81935ef/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:21 Last Seen2023-03-08 21:04:21 Times Seen1 Hash b252895c99392b2ecdaaf0c3c9f3760b a7ec4ea765f2dde6723702bd641ab9030a853a12 8ba68d3bc1e729a3d763fd13f6036bdcccf3b7ea5d27ed820b5c1d3e17b2208d Loading...

	www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT	112 kB	2023-03-08	2023-03-11
Pretty URL www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-11 23:48:59 Times Seen1 Hash d65c56314160265a067a64e16fde5532 284b1a7981c8c225209e45b91924562a5e64ac2c e96077757a6733587a7e58b52e1cbe3130386fa16bf8601e0791884f33faff80 Loading...

	foodheed.com/irtu/?QBOT.zip	2.3 kB	2023-03-08	2023-12-30
Pretty URL foodheed.com/irtu/?QBOT.zip IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:33:01 Last Seen2023-12-30 15:53:29 Times Seen10 Hash 79c602218f150ae61e8a9dfe6e1fd742 b7c6c9a8033c91a802630baef60585eece639cd0 2a4851bfdde6713589d5741296754a8c0e1fed97a445c3f02b731e79951321b8 Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	biamo.bet/static/dist/scripts.394d85fdbddb1838.js	29 B	2023-03-07	2023-08-27
Pretty URL biamo.bet/static/dist/scripts.394d85fdbddb1838.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2023-08-27 23:32:34 Times Seen5 Hash 0b313806ac03f6ee470e6e0a42a1c5eb 1363e294d67a9190969c869d693bfc75674902a0 89aaeea56ec4f9267a45a39500775a25c83a1989be6c85820647e7660f65e08a Loading...

	biamo.bet/?faff=2543	357 B	2023-03-07	2023-03-12
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2023-03-12 15:37:20 Times Seen1 Hash 84a9ff56575f4c9e38455324afb7bff0 8ea393b75e4b65a4f6b5429b3d6533359565c939 c1d0899fd3eafe59c9f002478f3fd4d654b4c6f2cf7c58373002b866eb000332 Loading...

	biamo.bet/static/dist/837.e385b283ba609b72.js	168 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/837.e385b283ba609b72.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 55a75c92719cf3bc86a61f3028a75e70 0fdbc044d90eda9cc1baeeb17ec3663c8928623b dd084f44134a643063e18b9283373bc0fafd8738fab9d78d599b8a123f0628d7 Loading...

	js.interestmoments.com/scripts/trim.js	6.4 kB	2023-03-08	2023-03-08
Pretty URL js.interestmoments.com/scripts/trim.js IP 193.169.194.63 ASN #50321 FOP Reznichenko Sergey Mykolayovich Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:21 Last Seen2023-03-08 23:43:11 Times Seen1 Hash 9239afc608d4f8213bc9b868e506cbf2 cd471b132fa31bc5edd6df35520d5f46ef78ec77 9541791059041d870321e1d249e23ea06d0b519b0951a1923891315b34b8f5a2 Loading...

	zeniocloud.com/LAIA.js?sub1=biamobet	593 B	2023-03-08	2023-05-17
Pretty URL zeniocloud.com/LAIA.js?sub1=biamobet IP 167.114.67.56 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-05-17 09:21:51 Times Seen2 Hash 9c80d8c5e17244f8138bbbe919d8e5d7 71f2579cfe768c089ffda8617c89d441f2347212 acd8610fd7b05a0b39be57608b2f84e5f63039f8be07319aa02b1dcd266c6458 Loading...

	biamo.bet/?faff=2543	25 kB	2023-03-08	2023-03-14
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-14 15:10:48 Times Seen1 Hash 0b54bc152583187c4cf3ac7f0d7d19a3 cb5867dea9eb0426064a96bfd0b6a19dac223af5 afb300c688a0721b980d4903bcb673e8d0c6f537e9619bb2a918ae383025c278 Loading...

	biamo.bet/?faff=2543	145 B	2023-03-07	2023-05-17
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2023-05-17 09:21:49 Times Seen2 Hash 6f4a15f2b990866b780010c2a834cb78 9baf78623fc7c3929fa6dbd8d647fe7580821948 5c3304ed10e3fc437c2115225d707c805d0a0929ae76dc110d9b047622c0f0cb Loading...

	alexatracker.com/jscode/LAIA.js?sub1=biamobet&sub2=&sub3=&sub4=&sub5=&prid=	0 B	2023-03-07	2024-04-26
Pretty URL alexatracker.com/jscode/LAIA.js?sub1=biamobet&sub2=&sub3=&sub4=&sub5=&prid= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 11:32:49 Times Seen37090628 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	foodheed.com/irtu/?QBOT.zip	218 B	2023-03-08	2023-03-08
Pretty URL foodheed.com/irtu/?QBOT.zip IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:21 Last Seen2023-03-08 21:09:06 Times Seen1 Hash 132e43f2155168577d699d28c94a4a02 0d4f5de0efbd5b188e330738fe1101179d77cbb1 b3a92cfa56edea34f0beb67fba0e57394c53ff5fc98374444fed0f9ca9bde04b Loading...

	foodheed.com/irtu/?QBOT.zip	5.5 kB	2023-03-08	2023-03-08
Pretty URL foodheed.com/irtu/?QBOT.zip IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:21 Last Seen2023-03-08 21:09:06 Times Seen1 Hash 09491d54a32626c1235e1412c2719155 14c6faabcf8c710217c47a48ba19dee2c959a4fc d79ee44d27f15c72b9168e8c3bbe74a1205c93fa9da21e2bf545ba7ffb51fa2c Loading...

	long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful	264 B	2023-03-08	2023-03-08
Pretty URL long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful IP 193.169.194.63 ASN #50321 FOP Reznichenko Sergey Mykolayovich Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:21 Last Seen2023-03-08 23:43:11 Times Seen1 Hash 4f9027e78d4e927db6209223f38efca2 e9dd838e5caebf14ea3e2c51023a541c2dd882ad f06ca24d40c009220ef002a04e3a201209af5fa65870a8392e4bbc4aa320a427 Loading...

	thirawogla.com/bN3OV_0.PQ2RhS0TY-XVRWiXPYT_EambccndJ-pfZgDh0i3_OkWlFmhnZ-DpIqwrMsm_JumvMwWxI-wzYA2BYCx_ZEDFYGxHY-mJZKlLYMW_ROlPZQjRU-yTMUzVYW5_OYSZZaybc-3dJejfPgW_hipjck3lR-vnconplqi_YsWtNurvJ-nxNyJzZAD_0C0DNETFk-zHMIzJcK2_JMnNpOvPb-mRVSJTZUD_0W0XNYTZk-zbMczdce2_	49 B	2023-03-08	2023-03-11
Pretty URL thirawogla.com/bN3OV_0.PQ2RhS0TY-XVRWiXPYT_EambccndJ-pfZgDh0i3_OkWlFmhnZ-DpIqwrMsm_JumvMwWxI-wzYA2BYCx_ZEDFYGxHY-mJZKlLYMW_ROlPZQjRU-yTMUzVYW5_OYSZZaybc-3dJejfPgW_hipjck3lR-vnconplqi_YsWtNurvJ-nxNyJzZAD_0C0DNETFk-zHMIzJcK2_JMnNpOvPb-mRVSJTZUD_0W0XNYTZk-zbMczdce2_ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:18:07 Last Seen2023-03-11 21:47:23 Times Seen1 Hash 71c1044ef090d947321576fc778de299 7f787bb26510b8d74f8a21534a0400fe673fe235 a208435673f5bea540d405554922e22904ac0124329f9a19041b25fd43229cb7 Loading...

	biamo.bet/?faff=2543	358 B	2023-03-07	2023-05-17
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:17 Last Seen2023-05-17 09:21:47 Times Seen2 Hash 8e5e413f97815cd37b5d13e010249f33 7c0f6e095eee6245b09e0a4ef6a29e25b382b40f a7b12612835ade37e4d2ab64aa852a987f505e8ca556c01edaeb6bfb59f8bb9d Loading...

	biamo.bet/static/dist/583.4a26d08e24748054.js	51 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/583.4a26d08e24748054.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 496444a451481b5672f1fee6110a7c01 edf3b61578ff1595f78c830acf4a766589ee5281 29a18b0bc6a6cc74aec2318112cb164002c52eaa7573c3b98ee2814e25fcdcd2 Loading...

	biamo.bet/?faff=2543	261 B	2023-03-07	2023-05-17
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:17 Last Seen2023-05-17 09:21:50 Times Seen2 Hash c6ce1c1cdd8fc16b883a9468c5e2f543 9affaebf1e80a665df1d9dc94cf9ca5c170f9f23 4e7f18f9e275af0b7edb32c65ca71189c298b9c2531bba204bad99a79f6005db Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P75XW8W	154 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P75XW8W IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:04:22 Times Seen1 Hash eb3e357d0508e9541c6978b346142618 403a5c80163830bd0ff7240c1f6833bf07b7837b 049f95f0ad160e28db102ee764f2f5c4d4c649fcd9070d9781f1d32dacc47c0e Loading...

	11641679.fls.doubleclick.net/ddm/fls/r/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543	211 B	2023-03-07	2023-03-14
Pretty URL 11641679.fls.doubleclick.net/ddm/fls/r/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2023-03-14 15:10:48 Times Seen1 Hash a5dd31a78cf151294e7aca920cd3ef83 691f05a3e7a33056246ed1d5c758c323d083feb7 c57ece3c53bfe40becd258a6ce9b4b9775b2982bc850ce193e17ff8e805de1b7 Loading...

	www.googleadservices.com/pagead/conversion/10847281060/?random=1670435918052&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL www.googleadservices.com/pagead/conversion/10847281060/?random=1670435918052&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:04:22 Times Seen1 Hash be73b336c1a7a2d236241f46ca3f7e53 e62fddcdf01d31567d32e5f06561556bd14df888 d338983f80211a9baad6b06875525ce5b6a994be04f2a0d55f92a377d57fb401 Loading...

	biamo.bet/static/dist/common.ebd2e2658d2ed4ff.js	484 B	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/common.ebd2e2658d2ed4ff.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash badf08d1a53e2616b83fbb00701f7b88 ef8aff576aad7b8b0c1522a32f84cefb612b1d7d 8eb9a98742f149a0fc00ca68245c055f6066b4c8f2213298375074a41f3d526e Loading...

	foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-26
Pretty URL foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:36 Times Seen31827 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	foodheed.com/irtu/?QBOT.zip	223 B	2023-03-08	2023-03-08
Pretty URL foodheed.com/irtu/?QBOT.zip IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:09:06 Times Seen1 Hash 699f9d4a1cb852c5a737d263bef88962 0d554abe5aad8463c2c3c0e71fe99a28d84452db 9a985cd6e01ae09008d85f76cd939e27095a7e335c3a745b0a3eb55537d3c5a1 Loading...

	foodheed.com/irtu/?QBOT.zip	7.7 kB	2023-03-08	2023-03-08
Pretty URL foodheed.com/irtu/?QBOT.zip IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:16:07 Times Seen1 Hash 42af527ed2ec4cee4c2927551e5e613c 6a8522d85ee6b73ca4e13a12c349aa16c50bd87a d36cc1571543cc5124fda82b6b51ecb9b7ea0c14e3d4a04a35eb84024015ff66 Loading...

	biamo.bet/?faff=2543	56 B	2023-03-08	2023-03-09
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-09 08:23:43 Times Seen1 Hash edc1efcad57e9e8845a01d535c974b4e 914f44dc91e2937090c2fd2fd48b86b789ecf1a7 783a981596ea469cab5177bfb9a1d54b0982627a2c62a5599010fc3f807189ee Loading...

	biamo.bet/static/dist/271.6f5cbf7ace0cb80b.js	35 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/271.6f5cbf7ace0cb80b.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash eeb9622638f18562c0414ffdda159493 035c29f20cc55d559a6073b8b777572cc8dc5718 4abd4531d75a2c1a2d1280054c5c3e67105ece85d8ea5d839a756a0a0ace7a0a Loading...

	biamo.bet/static/dist/78.28622ffe55b0d808.js	229 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/78.28622ffe55b0d808.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 2e0d32b49d0cbd117f5778cdf8721e2d 452cdf22d8461b21e3737a707b4d3430c76d2869 5e855954c41084e8d40a4ece6b34bddf61202608a573181d7273abe85cfa4049 Loading...

	foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 01:56:03 Times Seen38055 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	biamo.bet/static/dist/runtime.7961b9c24b8f4c80.js	4.4 kB	2023-03-08	2023-03-11
Pretty URL biamo.bet/static/dist/runtime.7961b9c24b8f4c80.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-11 23:49:00 Times Seen1 Hash 0e87c991331be1387293fe0c9b9cc23f 3e4c435b3763465b6336104df6136fced24ee62e c6fa0a8c741e8e723544ca37babe6cc7220261ddd67e426f6d8b3f23fe7a4d78 Loading...

	biamo.bet/static/dist/main.27ecb0b86bc93f8a.js	2.7 MB	2023-03-08	2023-03-08
Pretty URL biamo.bet/static/dist/main.27ecb0b86bc93f8a.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:04:22 Times Seen1 Hash ec0f2909fe2a015a8822c20958fe01d1 570d5f4a6fcefe96c32f960aabc180fed46a18e0 d1aac0b831a4b83ce8432fe28d365c23958148d4e5bb26bf8ae73be98e302370 Loading...

	biamo.bet/static/dist/915.556573d7286805d2.js	1.3 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/915.556573d7286805d2.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 1062b444019378a8d9318b706b664e83 475f5f6c71419403654d379daef333e69ea753ab ace1def5082cd52e7247a854dafefc8be14376f14f47ec2211489c8aedf4783e Loading...

	biamo.bet/static/dist/459.d1997ede2f658adc.js	16 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/459.d1997ede2f658adc.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 5cfd7ff10424d54116261769bb4ac461 848b0f5e8b3db23a63b0abf46e70d65d3bc40692 b7cb475bb16997fce448f6c733248abb93fc4814ed8a3a3c1a349bcac1c78f85 Loading...

	biamo.bet/?faff=2543	1.6 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 9dbf86d5b3a07cf202eb652bd35e6a93 a73140fd5488e9d453890b7c7c3bb8783fd31654 2544a1fa90a357d5e4ba6242e2e945984de61113df0f3a979eabc2ff4de99357 Loading...

	biamo.bet/static/dist/694.5f09202dbb8f1138.js	70 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/694.5f09202dbb8f1138.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash de688c1206eb3478158826bb61bded7a 74d52709820dfdfe4c859c913bbde0de5c00be4b 7bf2ce21b97d5329f844f41af788b6817f1d4f308c1415df88594c13e39a884d Loading...

	thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn	474 B	2023-03-08	2023-03-08
Pretty URL thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn IP 88.85.94.246 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:04:22 Times Seen1 Hash 49906fb1bd4b9a7d0d3ea472c89b4eeb 169890383653ae59bdef56c96b9c82f2c930121f 2a74ce2d76e08fceea73f95b0dd50600ace7ed35573519683374a560494115e8 Loading...

	way.specialblueitems.com/src/main.js?v=2.01	9.7 kB	2023-03-08	2023-03-08
Pretty URL way.specialblueitems.com/src/main.js?v=2.01 IP 159.69.234.10 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 23:43:11 Times Seen1 Hash 551eae5ff0fd2bbea34aca3c3ddcec45 bf6e38791bd14e3bceff19bce7f5c52c3bf0312c 9ca857bd4ce70829de21755778637950050bc589a6e25591da56399fa05e868d Loading...

	biamo.bet/?faff=2543	137 B	2023-03-07	2023-05-17
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:17 Last Seen2023-05-17 09:21:49 Times Seen2 Hash 0cbae6002e199a30c96db7d5c2b19e68 a6c6f49984ec1225d810950c3f1276adbbfc42e0 0079db750678a0eaba18a24b59691f88591609cbec09a952ff3e61da98d57b41 Loading...

	www.googleadservices.com/pagead/conversion.js	46 kB	2023-03-08	2023-03-12
Pretty URL www.googleadservices.com/pagead/conversion.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-12 14:32:57 Times Seen1 Hash 9cdfece004275f945b074de4b8a0700c ede6c2b945f396ddadd66798b2936724f9529062 ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601 Loading...

	biamo.bet/static/dist/667.f5f07494ca992278.js	156 kB	2023-03-08	2023-03-08
Pretty URL biamo.bet/static/dist/667.f5f07494ca992278.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-08 21:04:22 Times Seen1 Hash cdf6e8e29e02f1113985bd38d62d9f75 3ad9011b4ba673ba8385b1ce91c2773d32f1324a cdc979cdb32686a18928216275f702891cc4788e6f3808c8f9f0c4749ad43fda Loading...

	biamo.bet/en	690 B	2023-03-07	2023-03-14
Pretty URL biamo.bet/en IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2023-03-14 15:10:48 Times Seen1 Hash a68dc76002fa3cf7bde3a428724faaca 4d4c258784625f83fdb4e1f5c1e18ebc0b01a273 ea0b5192f213170ce6209954442e14a1f7d1210eb88ddc98d5c27260c99b0813 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.226.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	scripts.prdredir.com/scripts/k_biamo_bet.js	1.7 kB	2023-03-08	2024-04-21
Pretty URL scripts.prdredir.com/scripts/k_biamo_bet.js IP 172.64.161.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2024-04-21 18:44:30 Times Seen249 Hash f862478dab963aba87a2d6b17e1c643a 1a5bc05fa269a263de2742f5c81059c774a8f3a8 448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1 Loading...

	biamo.bet/static/dist/435.dc5a588e2b66e929.js	129 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/435.dc5a588e2b66e929.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash e4e8b1fd39f92d1803431934df0ccbde 23514c090792018f4e4051514e2357975dac099f a0c0b7f1f6ac5e3cffc3f753958f54994865e4e28c301e47ddd1451697b9c642 Loading...

	biamo.bet/static/dist/720.4c45d7cc0ea0bb3e.js	26 kB	2023-03-08	2023-03-13
Pretty URL biamo.bet/static/dist/720.4c45d7cc0ea0bb3e.js IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:57 Last Seen2023-03-13 16:46:07 Times Seen1 Hash 9877961f96fd25e5bafded5c4a541220 e70b22dd6cb2b822c79557b1c0fa7080790d8be9 ac76fd6bf2c03d7e06559b43b87aa70ecf1d82a619fb8ce2c436f1c2d38025e1 Loading...

	8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js	3.1 kB	2023-03-08	2023-03-08
Pretty URL 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js IP 143.204.55.67 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:04:22 Times Seen1 Hash 554e12ae392f9e251b1663f25c1e4e0e 79ae48c40664eac0ef3495deafe6ccd8335dcce3 0f053aeb312b029a9e06bd7a4b8dffee863e2542c23ca40f084e46897d542905 Loading...

	foodheed.com/irtu/?QBOT.zip	2.1 kB	2023-03-08	2023-03-08
Pretty URL foodheed.com/irtu/?QBOT.zip IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:04:22 Last Seen2023-03-08 21:16:07 Times Seen1 Hash 261c77cf0e50eb41a495186021719a8d f3a8818c566fe0eea5cc1e7329d8d9d452b42953 f926991494ff19612d74a08214282bae26227ce01b95fb2d6bf44ea92a6b1e3d Loading...

	foodheed.com/irtu/?QBOT.zip	6 B	2023-03-07	2024-04-26
Pretty URL foodheed.com/irtu/?QBOT.zip IP 199.188.200.95 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:52 Last Seen2024-04-26 05:52:00 Times Seen3030 Hash e40805fa510c6622658de2086eb361d2 41d8e131233dceea1d0c9aed70774914965304ef da6bcc93436f9fde95a92d5412601949548490ad0290f355eb4a019eeac1e3f7 Loading...

	biamo.bet/?faff=2543	26 B	2023-03-07	2023-05-17
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2023-05-17 09:21:48 Times Seen2 Hash 54ea38925991ecfead2f5f9344ffdd08 23ca129a3343c33b50ce7378af709165f02bb97b 7944f6a34b0a70adaa38ca6e9b81b67aa2eabcff17aaf76462c6773898e59a10 Loading...

	biamo.bet/?faff=2543	620 B	2023-03-07	2023-05-17
Pretty URL biamo.bet/?faff=2543 IP 108.156.60.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2023-05-17 09:21:50 Times Seen2 Hash 30b8bdf568a99b77e52b36ba85b5b1a7 b83bdc64b28ee475feafca52a58b24676f6ce105 70213855755e6014ef67bd734bafe886ec6ca9cfe51a30be43552a8e47cb7bb2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4edcfc744304d1321a5e2c6e59fd17bc	663 B	2023-03-08	2023-12-30
Pretty Observations First Seen2023-03-08 16:33:01 Last Seen2023-12-30 15:53:29 Times Seen12 Hash 4edcfc744304d1321a5e2c6e59fd17bc 31ffac39ec8e8d9014b0b51eaf450879a8186265 3c1d606b1944940983f3a9b1c4b89e2ef4a4598418640a63bcf06549f4832475 Loading...

	#2 Eval - e4a6872e175101a8de4614d1dfa6c58a	191 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:33:17 Last Seen2024-04-26 05:45:47 Times Seen49 Hash e4a6872e175101a8de4614d1dfa6c58a c20b1f114626ccd216f41f746f8a846a31f8babc fea284720112cd5fce27593ea315e8b34b3ecd86555f2895550d89c63aea184d Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 11:32:49 Times Seen37090628 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (202)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2160
Expires: Wed, 07 Dec 2022 18:34:32 GMT
Date: Wed, 07 Dec 2022 17:58:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2630c6482aef4e822d6634e417f65ab6
6bd1264568eb9647d1665e51521b3bfc15d4df4a
e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11455
Expires: Wed, 07 Dec 2022 21:09:27 GMT
Date: Wed, 07 Dec 2022 17:58:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2505
Expires: Wed, 07 Dec 2022 18:40:17 GMT
Date: Wed, 07 Dec 2022 17:58:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 17:08:04 GMT
content-type: application/json
age: 3028
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: l2ZDTZdpxSlSIP55W5WK6OLd1UWGxbYiJcoObjo81TirddEzbGHKYmxGR6y9Hg1odmt0SSW2P7Ho8dTvFqee8A==
x-amz-request-id: 67G7C90HQ2KVD57F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 17:49:27 GMT
age: 545
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

foodheed.com/irtu/index.php?QBOT.zip

199.188.200.95

301 Moved Permanently

707 B

URL HTTP/1.1
foodheed.com/irtu/index.php?QBOT.zip
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /irtu/index.php?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 07 Dec 2022 17:58:32 GMT
server: LiteSpeed
location: https://foodheed.com/irtu/index.php?QBOT.zip
x-turbo-charged-by: LiteSpeed

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 17:58:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 17:07:55 GMT
age: 3038
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4e1cfdbefae5bc7d344cf9dc1ed67397
40d3b325990a497a476c0e245a1d8532fd8d3536
33355c21e2641fb025fcbd244e94afd88d98029cb5c101e5f7cea2fe79fa7353

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 17:58:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:10:26 GMT
Expires: Tue, 13 Dec 2022 01:10:25 GMT
Etag: "40d3b325990a497a476c0e245a1d8532fd8d3536"
Cache-Control: max-age=457311,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f2669bcc8b4f9-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 384
Cache-Control: max-age=141281
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:33 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:13:14 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

foodheed.com/irtu/index.php?QBOT.zip

199.188.200.95

301 Moved Permanently

0 B

URL HTTP/2
foodheed.com/irtu/index.php?QBOT.zip
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /irtu/index.php?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://foodheed.com/irtu/?QBOT.zip
x-litespeed-cache: hit
content-length: 0
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.51.98

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.51.98:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ueepCGk4m1Q+yToqoZK8JA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0FTzcfV+tAqbOI1M7md6D0BjwD4=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1

142.250.74.106

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1519 bytes)
Hash
e2b108c2f517d8d86afe6759f93744cf
e9f939ec30e57283e84810bfbf32594358590bbe
5e7e691266c3b6ea87c620945de60c7255cf64f0e43be38ef44d1fcb65c6318c

HTTP Headers

GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 17:58:33 GMT
date: Wed, 07 Dec 2022 17:58:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

foodheed.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

199.188.200.95

200 OK

12 kB

URL HTTP/2
foodheed.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "172a9-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-includes/css/classic-themes.min.css?ver=1

199.188.200.95

200 OK

217 B

URL HTTP/2
foodheed.com/wp-includes/css/classic-themes.min.css?ver=1
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "d9-639085fb-0;;;"
accept-ranges: bytes
content-length: 217
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x

199.188.200.95

200 OK

4.4 kB

URL HTTP/2
foodheed.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (37612), with no line terminators
Size
4.4 kB (4410 bytes)
Hash
4df29c95b736edeeeb33bc7693a99b37
2c41e37aedc03a40d919cba6c90029082d222899
6b7be65cdd77f9d800f56a7c4827f598b866f0fde41a6bd5d297d3bbeb5aedf7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:22:23 GMT
etag: "92ec-633474bf-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4410
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1

199.188.200.95

200 OK

24 kB

URL HTTP/2
foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (378)
Size
24 kB (24019 bytes)
Hash
73a81e49111a6b3e5c477111f2687bca
05af1a4ed04a36d89871640163f912143b5ab61e
6960a5bcf7eceba66da9c9a8a9b18a95d90055c88a3200aec9aa4b10c3f9a471

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Newspaper/style.css?ver=11.5.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:17:06 GMT
etag: "24a56-63347382-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24019
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x

199.188.200.95

200 OK

23 kB

URL HTTP/2
foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
23 kB (23083 bytes)
Hash
70a20362ee876fa98945ebefcac79f2a
513be3cadaf66f2dd0a7e5071d3b1bc9a9327d44
86aad8e8e06f7add22519ada2dd449a988af6b2b1741de702b4a592f7964e211

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:22:25 GMT
etag: "27b2d-633474c1-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23083
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

199.188.200.95

200 OK

4.0 kB

URL HTTP/2
foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "2bd8-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

199.188.200.95

200 OK

30 kB

URL HTTP/2
foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "15e54-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/uploads/2022/10/images.jpg

199.188.200.95

200 OK

14 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/10/images.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 217x232, components 3\012- data
Size
14 kB (13506 bytes)
Hash
2bafa89ed5da31749073f2aed532f88e
c1da0da88b38cab941017754e88621a62cdc0df2
1f5bd6173b2433351b0741c5e8c2ec2b4bc8dfebc8f4433dd6a5b0e96a6eb27b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/images.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 21:57:04 GMT
etag: "34c2-633dfdb0-0;;;"
accept-ranges: bytes
content-length: 13506
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 599080
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 599059
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 169553
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:11:08 GMT
expires: Wed, 06 Dec 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 89246
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive

foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

199.188.200.95

200 OK

4.6 kB

URL HTTP/2
foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:28 GMT
etag: "48b9-639085fc-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8438 bytes)
Hash
e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
age: 72174
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 69990
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 42413
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:20:15 GMT
age: 20299
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6846 bytes)
Hash
a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:10:36 GMT
age: 38878
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8701 bytes)
Hash
604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpyIdH9YEXjxbGhZpBIfzoZHQxMvAKl0eCFQsgMt0e1SSeWsiuey7g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:15:06 GMT
age: 71008
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7cb1aa6fd626d0951c4ec7afdc6ee824
459ccb1dd034e7710a31983256a40fe923a9a469
0bdcb65a76cc55a23e73819f3bcff61058324181c21bf886a4d2f31b0e74182f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BDCB65A76CC55A23E73819F3BCFF61058324181C21BF886A4D2F31B0E74182F"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10163
Expires: Wed, 07 Dec 2022 20:47:57 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive

foodheed.com/wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg

199.188.200.95

200 OK

34 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, copyright=Songwuth Suwannawong | Dreamstime.com], baseline, precision 8, 768x432, components 3\012- data
Size
34 kB (34476 bytes)
Hash
598e4b65ab4e930e60a5797b2703a682
9d7ae01277f4647c1de61c956c9721a613c59fe8
531edcfb33f2d82d5fb388eb5daef884997148769babb8cde46582329e4ee237

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Wed, 21 Sep 2022 18:24:14 GMT
etag: "86ac-632b56ce-0;;;"
accept-ranges: bytes
content-length: 34476
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

way.specialblueitems.com/src/main.js?v=2.01

159.69.234.10

200 OK

3.1 kB

URL HTTP/1.1
way.specialblueitems.com/src/main.js?v=2.01
IP
159.69.234.10:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (9732), with no line terminators
Size
3.1 kB (3052 bytes)
Hash
ee4886936efcd6c7fe2c0f50c46eb551
3f77bc1685ae4f90bee11c721d55f33df2ff0200
ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561

HTTP Headers

GET /src/main.js?v=2.01 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 17:58:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Sat, 17 Dec 2022 17:58:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1

199.188.200.95

200 OK

62 kB

URL HTTP/2
foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (670)
Size
62 kB (61906 bytes)
Hash
59ce4486311c4c3b21e271477855e4d9
7cb4990ec57034172c7c3505cd6b3923ded550c5
51d72e5eef64bd08d5a601c7c40ca84e11dcecf95e5ba6b5c36a095dce231e86

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: application/x-javascript
last-modified: Wed, 28 Sep 2022 16:22:25 GMT
etag: "44c89-633474c1-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 61906
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/uploads/2022/09/facts-fats-768x402.jpg

199.188.200.95

200 OK

91 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/09/facts-fats-768x402.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251samael334 - stock.adobe.com], baseline, precision 8, 768x402, components 3\012- data
Size
91 kB (91274 bytes)
Hash
83a396f0baac36df808b2493ca3c1331
3cf861ab75b8752124a7c15d0d53aa905aa3f974
b3585f0c6f59995830c8878d7ce9381ca6291c6e109de0b9ebdec6759835e5f1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/09/facts-fats-768x402.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Fri, 23 Sep 2022 20:09:18 GMT
etag: "1648a-632e126e-0;;;"
accept-ranges: bytes
content-length: 91274
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/uploads/2022/10/beef-biryanirf.jpg

199.188.200.95

200 OK

110 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/10/beef-biryanirf.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 548x308, components 3\012- data
Size
110 kB (110315 bytes)
Hash
f251abd0d755c2b44438e3150b82bce7
c35d4a0ded8299b834de23a0eff685002b50c65a
c4a7ba5b48972242de382df25c0405036e5bf300d63ef37816d41c1c9690a545

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/beef-biryanirf.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Sun, 02 Oct 2022 17:45:08 GMT
etag: "1aeeb-6339ce24-0;;;"
accept-ranges: bytes
content-length: 110315
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg

199.188.200.95

200 OK

160 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 768x960, components 3\012- data
Size
160 kB (160123 bytes)
Hash
208dab7db74d317624604117be02cfc0
0ec38631156ba5372528368d41c0d146df180cad
938d03c2b81d4200687fb32936962985310177ec9f4d9832d1ebab49410be84c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 22:26:25 GMT
etag: "2717b-633e0491-0;;;"
accept-ranges: bytes
content-length: 160123
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20

199.188.200.95

200 OK

29 kB

URL HTTP/2
foodheed.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Size
29 kB (28732 bytes)
Hash
2192d5f834e8b672a73d67cad66e79f6
ddf3eb377defc2ca0a2a09d3f41da2d006303e13
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: application/font-woff
last-modified: Wed, 28 Sep 2022 16:17:06 GMT
etag: "703c-63347382-0;;;"
accept-ranges: bytes
content-length: 28732
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

foodheed.com/wp-content/uploads/2022/09/bg8.jpg

199.188.200.95

200 OK

117 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/09/bg8.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x400, components 3\012- data
Size
117 kB (116827 bytes)
Hash
190ad01279dfb64195cce964380ad0f8
34b27609e88f53bdf65ea70a182275ef73040e12
d4cde4e9b67326a711accef23cfdc7fc2c48678961634a6564b32f87ef025cdb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/09/bg8.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Wed, 28 Sep 2022 16:39:08 GMT
etag: "1c85b-633478ac-0;;;"
accept-ranges: bytes
content-length: 116827
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9810fa6e235eb9cb7bd84b81093859db
6a90826bc184a29f7e6a32251fa01756365df26a
e2d3f729c0697974845aaeb59ae4d31790e2ef3c7ffc17489e06f11f9e2645d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2D3F729C0697974845AAEB59AE4D31790E2EF3C7FFC17489E06F11F9E2645D8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=830
Expires: Wed, 07 Dec 2022 18:12:25 GMT
Date: Wed, 07 Dec 2022 17:58:35 GMT
Connection: keep-alive

js.interestmoments.com/scripts/trim.js

193.169.194.63

200 OK

2.2 kB

URL HTTP/1.1
js.interestmoments.com/scripts/trim.js
IP
193.169.194.63:0
ASN
#50321 FOP Reznichenko Sergey Mykolayovich

File type
ASCII text, with very long lines (6444), with no line terminators
Size
2.2 kB (2194 bytes)
Hash
68f64aa377a0e32ed510fd286ffd5b48
d215b23cb14a3dbd5474bbdbe9290541c449359d
0facd0bcf777d8176a4bbc3e14172fdab4c11aae196591ee3ba8ffddee0ec042

HTTP Headers

GET /scripts/trim.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 17:58:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907bd9-192c"
Expires: Sat, 17 Dec 2022 17:58:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9573cd12467be4696ad4e51d6cf2206
b899111d6ab445ad5f815abfb990dfa9c7adb6e3
03bebe8919d9e161fd41db70e90215ed44cd27f71fba29ac319e94f10f9d67a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03BEBE8919D9E161FD41DB70E90215ED44CD27F71FBA29AC319E94F10F9D67A7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4135
Expires: Wed, 07 Dec 2022 19:07:31 GMT
Date: Wed, 07 Dec 2022 17:58:36 GMT
Connection: keep-alive

long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473

193.169.194.63

302 Found

0 B

URL HTTP/1.1
long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473
IP
193.169.194.63:0
ASN
#50321 FOP Reznichenko Sergey Mykolayovich

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go/brad-way.php?id=16477-22-569654345&pid=235&qid=473 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 17:58:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful
Access-Control-Allow-Origin: *

long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful

193.169.194.63

200 OK

438 B

URL HTTP/1.1
long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful
IP
193.169.194.63:0
ASN
#50321 FOP Reznichenko Sergey Mykolayovich

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
438 B (438 bytes)
Hash
0525d77ebdf7de03d247fdcd914fc360
5ec7fc9668bf62b50ab46497eb3aa67a60c0496d
c548a1af5170a6a7a699b50b9e7bbd50e45d6f7f0f38639e70a80dfabd435781

HTTP Headers

GET /go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 17:58:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

foodheed.com/wp-content/uploads/2022/09/bg_mobile.jpg

199.188.200.95

200 OK

180 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/09/bg_mobile.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 933x1400, components 3\012- data
Size
180 kB (180112 bytes)
Hash
9d55788be7e80e2215a40452b5f9a7f7
0983affc62d8add1068c2bce0ff0ed52aec21bfe
f9c2d830dec23812d59ebd87786d293b815b704407de9f853979ba5f9a71a766

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/09/bg_mobile.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Wed, 28 Sep 2022 16:39:01 GMT
etag: "50846-633478a5-0;;;"
accept-ranges: bytes
content-length: 329798
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

biamo.bet/?faff=2543

108.156.60.56

200 OK

13 kB

URL HTTP/2
biamo.bet/?faff=2543
IP
108.156.60.56:0
ASN
#0

File type
data
Size
13 kB (13337 bytes)
Hash
6a73e753f8ff46aba43d343c5bcb730c
b915e111b717fe62eca6ddc7ac49bb0338adf5a8
6162b7b8a212984bb13a92b54dce61e844a2e31ebcaac84d5ac3c02d706739a1

HTTP Headers

GET /?faff=2543 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Wed, 07 Dec 2022 17:58:37 GMT
set-cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; expires=Wed, 14-Dec-2022 17:58:37 GMT; Max-Age=604800; path=/; domain=biamo.bet
faff=faff%3D2543; expires=Wed, 14-Dec-2022 17:58:37 GMT; Max-Age=604800; path=/; domain=biamo.bet
sitelang=en; expires=Fri, 06-Jan-2023 17:58:37 GMT; Max-Age=2592000; path=/
x-geo-detected: nor
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435917.201
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: tQuLrQHR9aPUWwA5QayujOyY3TRRjn5jaxTbf4C3UjpTVBAWvd_xHw==
X-Firefox-Spdy: h2

foodheed.com/wp-content/uploads/2022/10/CampfireCake600x600.jpg

199.188.200.95

200 OK

2.7 kB

URL HTTP/2
foodheed.com/wp-content/uploads/2022/10/CampfireCake600x600.jpg
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type
gzip compressed data, from Unix\012- data
Size
2.7 kB (2727 bytes)
Hash
c359052dd9c89923a29ae1df5476626e
b7777098c9677c37b1a19a0ec3ae5d0dbd265e4f
b9380439b34b3eae516975f7b968d69e2f8de12f57a446c96ffcb432d23540ea

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/CampfireCake600x600.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 22:19:28 GMT
etag: "1852b-633e02f0-0;;;"
accept-ranges: bytes
content-length: 99627
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
dfceec2f5d35ce8962b1805e7fdc8d3b
eac5c037076dfeb3e400fdcd3155ea517dd3d253
a4ab15e40560ff1bee8ede5ec48a1ca476df3b64c0d7df65f838714d56da7e15

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5555
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Last-Modified: Wed, 07 Dec 2022 16:26:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278

www.googletagmanager.com/gtm.js?id=GTM-P75XW8W

172.217.21.168

200 OK

57 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P75XW8W
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6039)
Size
57 kB (56997 bytes)
Hash
8ccea5fbee3d0ebe528d504bbecdfe5e
7497ff21aa16639f3274ad6d548cfa67719bc4a7
9346c18520e7687cc42edf2f08895e9ebefc5b1ff41ec0930b4abb545dfb20c7

HTTP Headers

GET /gtm.js?id=GTM-P75XW8W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:37 GMT
expires: Wed, 07 Dec 2022 17:58:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
2fed097e2f8a98b35ebc26f05ede99fb
53e71a856d114a325df91d175a8e48871355ecb6
9ec774d0fd58ccbcbf92909cc64efa6e68c1dcbeed740e2e329f9ad74da1b288

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9EC774D0FD58CCBCBF92909CC64EFA6E68C1DCBEED740E2E329F9AD74DA1B288"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Wed, 07 Dec 2022 19:24:20 GMT
Date: Wed, 07 Dec 2022 17:58:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9434a41807fc9b6471702e73ae767dca
2e7e2e21b3a5b6d98d8ebcb6e73ee2a04dd8550b
e74bd300b4872f26d89b475edb7f8b2be9f538c3c0488d0cf9014b2f2662475b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E74BD300B4872F26D89B475EDB7F8B2BE9F538C3C0488D0CF9014B2F2662475B"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9905
Expires: Wed, 07 Dec 2022 20:43:42 GMT
Date: Wed, 07 Dec 2022 17:58:37 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
2fed097e2f8a98b35ebc26f05ede99fb
53e71a856d114a325df91d175a8e48871355ecb6
9ec774d0fd58ccbcbf92909cc64efa6e68c1dcbeed740e2e329f9ad74da1b288

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9EC774D0FD58CCBCBF92909CC64EFA6E68C1DCBEED740E2E329F9AD74DA1B288"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Wed, 07 Dec 2022 19:24:20 GMT
Date: Wed, 07 Dec 2022 17:58:37 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

11641679.fls.doubleclick.net/activityi;src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543?

142.250.74.38

200 OK

2.0 kB

URL HTTP/2
11641679.fls.doubleclick.net/activityi;src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5120), with no line terminators
Size
2.0 kB (1952 bytes)
Hash
1c3f06b2f385bd4d612dd422b79b6832
a4f43afd4d3e988d65b7d51911289181091b40c6
fbd1ec259a2995972fb1e40a25a1cb1a593b907f7fb58170464aa2ae6a8fbafb

HTTP Headers

GET /activityi;src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543? HTTP/1.1
Host: 11641679.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 239
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 18:13:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

biamo.bet/static/dist/polyfills.7c4e8a3bf53f3c3e.js

108.156.60.56

200 OK

29 kB

URL HTTP/2
biamo.bet/static/dist/polyfills.7c4e8a3bf53f3c3e.js
IP
108.156.60.56:0
ASN
#0

File type
data
Size
29 kB (28554 bytes)
Hash
ad709bf3e13291df3e8b4f1f436d98e3
12e7f55793d81a430b88c9e47a89c781d1a0d9a8
807d1632d06161e1cb13e3615edf8d2dfa9e2a1797a7e20ced0d1cdcbf34c71c

HTTP Headers

GET /static/dist/polyfills.7c4e8a3bf53f3c3e.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 15:16:09 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-1322b"
expires: Thu, 08 Dec 2022 15:16:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: TkTS54l9CBoe30As0bPsN4fgONM9fFROLKswCkwqp1_0VIvaElALZw==
age: 9748
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543

142.250.74.34

200 OK

239 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (455), with no line terminators
Size
239 B (239 bytes)
Hash
427ac7b3aba6186defab6684b54d8cac
c6cb68240abb7143624a3e886ce2d66c44cd3175
e466073a6928c69934726720117f612dfca6b3082b2571758eee63dd9464662d

HTTP Headers

GET /ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543

142.250.74.34

302 Found

0 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://11641679.fls.doubleclick.net/ddm/fls/r/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

zeniocloud.com/LAIA.js?sub1=biamobet

167.114.67.56

200 OK

804 B

URL HTTP/2
zeniocloud.com/LAIA.js?sub1=biamobet
IP
167.114.67.56:0
ASN
#16276 OVH SAS

File type
data
Size
804 B (804 bytes)
Hash
33e847bf41115beecd9d94b33061c9dd
57b8ce9a7f6e835350b23c4526bbe7a5786c8b6d
6f8063b99748d85105e53ce42ad04ef4feff694b0286aa46b3d6ae5740cbf382

HTTP Headers

GET /LAIA.js?sub1=biamobet HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78a109574da6617124fdd6ade9b2c501
a35690bcda63041e55ba95f41a14ef0dd2007337
177dafb48a1cf4878dcbbdc580bbe865776bfaf34b885cdb886b66040c58d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googleadservices.com/pagead/conversion.js

142.250.74.162

200 OK

17 kB

URL HTTP/2
www.googleadservices.com/pagead/conversion.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2772)
Size
17 kB (16823 bytes)
Hash
b7bfb38de42aafcf20ec09cb43f51b2e
2329a485f1e5f5a2fdd8158d335fdd5a2683be55
6391614bdd92fbab896b523130690059cea5159fb598ae07fd89e5c46a2a2da0

HTTP Headers

GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:38 GMT
expires: Wed, 07 Dec 2022 17:58:38 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6351308751113588399
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

biamo.bet/api/v1/games?slim=true

108.156.60.56

200 OK

293 kB

URL HTTP/2
biamo.bet/api/v1/games?slim=true
IP
108.156.60.56:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (64564), with no line terminators
Size
293 kB (293275 bytes)
Hash
024d0c670a72e6aa5852e70ad48a0815
7c65d01ee24363e0463fb32946b0ee0ac68bf679
77859df506eb936589155ec2d986535887f674c5048ec726b4a73c935601b691

HTTP Headers

GET /api/v1/games?slim=true HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/?faff=2543
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; encoding=utf-8
content-length: 293275
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
x-geo-detected: nor
content-encoding: gzip
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435918.066
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 48aXhOobrde3SIMx9_IxyyoiPn4bYjVhc1qGu3z2oz1qDy7v_Z13yw==
X-Firefox-Spdy: h2

biamo.bet/api/v1/bootstrap

108.156.60.56

200 OK

11 kB

URL HTTP/2
biamo.bet/api/v1/bootstrap
IP
108.156.60.56:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (64660), with no line terminators
Size
11 kB (11016 bytes)
Hash
162306505672b72d3ea14bda260c10d3
06b384d736da0ca288ed0f5a9a61c851716f3e73
c3586748e96d72b49aecacfaa7f0bacb892c1dc52de727afce1decb41747b8e9

HTTP Headers

GET /api/v1/bootstrap HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/?faff=2543
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; encoding=utf-8
content-length: 11016
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
x-geo-detected: nor
content-encoding: gzip
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate, private, private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435918.075
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: QPApw7wF4wI7FFSL1JAFOee96EA6gARuSXlIpfsU-rZzP4njfQVjPg==
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ff4ee23df156a89f76e7725813988a4a
23b4cf109ec962022fae3be3c7200e5b94eb0ce0
7304ad8a37f3389bb8daa9f7c4a530a3291260486165e881bf9212c5be0103bc

HTTP Headers

POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-4L2GVL08BD&gtm=2oebu0&_p=1460333489&cid=143091376.1670435917&ul=en-us&sr=1280x1024&_s=1&sid=1670435917&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-4L2GVL08BD&gtm=2oebu0&_p=1460333489&cid=143091376.1670435917&ul=en-us&sr=1280x1024&_s=1&sid=1670435917&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-4L2GVL08BD&gtm=2oebu0&_p=1460333489&cid=143091376.1670435917&ul=en-us&sr=1280x1024&_s=1&sid=1670435917&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://biamo.bet
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://biamo.bet
date: Wed, 07 Dec 2022 17:58:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

biamo.bet/static/images/logo.svg

108.156.60.56

200 OK

23 kB

URL HTTP/2
biamo.bet/static/images/logo.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1325)
Size
23 kB (23207 bytes)
Hash
bb7cb570e9d5425a3deef32f94f18614
de56f2aa44d00d96a522052e4fe54f27ce5f3c9d
56970ecce9989597bf8556d5b6cf24d3fc5044b8ce6e38f0fcb6c571767ea640

HTTP Headers

GET /static/images/logo.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/static/css/app.loader.css
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-205d"
expires: Thu, 08 Dec 2022 17:58:38 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: BoWgqqj-r8r4F-SowlOs6BFgSsrAvHvz85vzVTnBe3Mddg9baIelzw==
X-Firefox-Spdy: h2

www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT

142.250.74.110

200 OK

44 kB

URL HTTP/2
www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43949 bytes)
Hash
a4d87ca5ec0135e919a46abc4816c893
eefd302fe096696722d0e819d7958118cf3efa98
fdab9fcc23c2f95a1a6d64449a9f0b4310d37eddde99eb483106095e366ca96e

HTTP Headers

GET /gtm/optimize.js?id=OPT-TPW6QGT HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:38 GMT
expires: Wed, 07 Dec 2022 17:58:38 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

biamo.bet/flog

108.156.60.56

200 OK

15 kB

URL HTTP/2
biamo.bet/flog
IP
108.156.60.56:0
ASN
#0

File type
JSON data\012- data
Size
15 kB (15201 bytes)
Hash
89a91477ba7388b0f266f7388dfb64cc
0621994d97f4eb1da0c32ea1a8836d628231c57a
49c7d152964f625ae9a8b2c7cae5651a0da8a38ebab318943fd8138ead12f2b2

HTTP Headers

POST /flog HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/?faff=2543
Content-Type: text/plain;charset=UTF-8
Origin: https://biamo.bet
Content-Length: 114
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wednesday, 07-Dec-2022 17:58:38 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: pXFDdjT2ETUgBXd8rV_GX17vnE2UZNKNuT2qXV1SMELjl2RVvBpLvQ==
X-Firefox-Spdy: h2

biamo.bet/static/dist/main.27ecb0b86bc93f8a.js

108.156.60.56

200 OK

697 kB

URL HTTP/2
biamo.bet/static/dist/main.27ecb0b86bc93f8a.js
IP
108.156.60.56:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
697 kB (696807 bytes)
Hash
56c6da4731b411615c7a0699bcece971
fc694ddc1de5a6d0c09f0c821cf6fab1e6dd2442
dc08e379fbb42912c7e7520122e8b3175ba3e6d117ecf5c21a80c39ab468f999

HTTP Headers

GET /static/dist/main.27ecb0b86bc93f8a.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 15:16:09 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-28dcb0"
expires: Thu, 08 Dec 2022 15:16:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 3NABNzniX60KHBSjZmrf123Hy4Pf8C8a0Pnx_esyHM5z8PB25YcKzQ==
age: 9748
X-Firefox-Spdy: h2

biamo.bet/ngsw-worker.js

108.156.60.56

200 OK

15 kB

URL HTTP/2
biamo.bet/ngsw-worker.js
IP
108.156.60.56:0
ASN
#0

File type
data
Size
15 kB (15445 bytes)
Hash
649e86b56f0f04cbfdabcb27c3d63f97
88bc8b386886bcc9274d67ff662207e7cd702bbd
5786a8312033602bee1291dfcdde3a87530f1d757fb56422f5e6f6ca61f334d4

HTTP Headers

GET /ngsw-worker.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wed, 07 Dec 2022 09:01:55 GMT
etag: W/"63905683-103ee"
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: nMVhgGksKD5-eV2I-IDN4d3UBL37WsSIhTZK__KWsycrodFuplM6Vw==
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&sscte=1&crd=

172.217.21.162

302 Found

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&sscte=1&crd=
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 18:13:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ff4ee23df156a89f76e7725813988a4a
23b4cf109ec962022fae3be3c7200e5b94eb0ce0
7304ad8a37f3389bb8daa9f7c4a530a3291260486165e881bf9212c5be0103bc

HTTP Headers

POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
a6fe877db064e1fcaef1740cc1c2fd75
ca27e395d7988fafddd0b3a844d4d7e5caa778fc
f543ac61f8726222351bf9bf2ce75e0de6dc350b88707296e6b7efbabe865654

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 17:58:38 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 14:52:31 GMT
ETag: "ca27e395d7988fafddd0b3a844d4d7e5caa778fc"
Last-Modified: Wed, 07 Dec 2022 14:52:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1729
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f268c0e820b49-OSL

mc.yandex.ru/metrika/tag.js

77.88.21.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size
73 kB (73266 bytes)
Hash
a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73266
date: Wed, 07 Dec 2022 17:58:38 GMT
access-control-allow-origin: *
etag: "638eb36c-11e32"
expires: Wed, 07 Dec 2022 18:58:38 GMT
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

biamo.bet/static/dist/common.ebd2e2658d2ed4ff.js

108.156.60.56

200 OK

484 B

URL HTTP/2
biamo.bet/static/dist/common.ebd2e2658d2ed4ff.js
IP
108.156.60.56:0
ASN
#0

File type
ASCII text, with very long lines (484), with no line terminators
Size
484 B (484 bytes)
Hash
badf08d1a53e2616b83fbb00701f7b88
ef8aff576aad7b8b0c1522a32f84cefb612b1d7d
8eb9a98742f149a0fc00ca68245c055f6066b4c8f2213298375074a41f3d526e

HTTP Headers

GET /static/dist/common.ebd2e2658d2ed4ff.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 484
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: "63905682-1e4"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: LEB6n6-nj4ftuwerjleQEbJbpjySmHUkNI2adsK-8CqCn0xSdrFy1g==
X-Firefox-Spdy: h2

biamo.bet/static/dist/915.556573d7286805d2.js

108.156.60.56

200 OK

912 B

URL HTTP/2
biamo.bet/static/dist/915.556573d7286805d2.js
IP
108.156.60.56:0
ASN
#0

File type
ASCII text, with very long lines (1364)
Size
912 B (912 bytes)
Hash
2654c73fa661baf69443abb94382ed1a
e4dc2e7f17064ea4e39f240e3972b421c14345df
d5714089bc86cdc6e5af0d0ebde998df1d16775396a9c69d18cc89a46cb87f17

HTTP Headers

GET /static/dist/915.556573d7286805d2.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-4f5"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: MTV5dDtuWpYcJYBW2pGrwW1nrKT4IzEiO3Q8J95qh1UHVleIyBn8xw==
X-Firefox-Spdy: h2

biamo.bet/static/languages/en.json?v=20221207.135

108.156.60.56

200 OK

52 kB

URL HTTP/2
biamo.bet/static/languages/en.json?v=20221207.135
IP
108.156.60.56:0
ASN
#0

File type
JSON data\012- HTML document, ASCII text, with very long lines (60106)
Size
52 kB (52070 bytes)
Hash
f46c107f276deb288bc7c645240fb8de
471e1e94bc42c1e9d7da22437ca840172b15631e
9ebef12205fc69bd41e2b0c51bb386cb91570a354aad73742fc76d529abd7e10

HTTP Headers

GET /static/languages/en.json?v=20221207.135 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:57 GMT
etag: W/"63905685-1537"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 4slxypvtDV1RIxLyboj2Lx_ONRDib6pivQcDgJ634I7oq5avStAw1A==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/burger.svg

108.156.60.56

200 OK

153 B

URL HTTP/2
biamo.bet/gstatic/wlc/icons/burger.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
153 B (153 bytes)
Hash
d251bcefed9a696aead15b544677abd3
de3688524f72a1ba25fd71bc54c7e0ecef594aae
240c20925e481fa21dfeb65e11acc7cf8972f856a757e53e206c7d14c477f29d

HTTP Headers

GET /gstatic/wlc/icons/burger.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 153
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-99"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: _xwwlqXl0M4Z68uoHAIXIR2lG2e-IXL92r9X6vM1ftVBZwJgJa_1MA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/search.svg

108.156.60.56

200 OK

386 B

URL HTTP/2
biamo.bet/gstatic/wlc/icons/search.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748)
Size
386 B (386 bytes)
Hash
2612f5a639be9dab0ade20c2c80d0e26
fdf35b99f887a19b85cde53398f7bfd1de2f244d
4a35ce2df0f89a2e6343a3aea34f5cdce971707b064e15d28a20a42299043b40

HTTP Headers

GET /gstatic/wlc/icons/search.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 386
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-182"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: SfRZ93DLVmEoiqyjeLuxO1lJQdZRJDxuxlcmq4RFrLCVsQIYSUucMw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/scroll-up.svg

108.156.60.56

200 OK

388 B

URL HTTP/2
biamo.bet/gstatic/wlc/icons/scroll-up.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (506)
Size
388 B (388 bytes)
Hash
313c7b88e9d2b43922db1c82c2a79b1c
a43460a0287ba3cf01c88aa82dfaa67f36472419
422b00f3d098d6c2fa32f3584bcc8f42562e457613b7c0964713b07bf22af251

HTTP Headers

GET /gstatic/wlc/icons/scroll-up.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 388
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-184"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xzfrp-oqmhe8fIEVOZfmopmvqzvsINNF07KFWxMIKypbmtu5F0LClg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/european/v1/promotions.svg

108.156.60.56

200 OK

718 B

URL HTTP/2
biamo.bet/gstatic/wlc/icons/european/v1/promotions.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1241)
Size
718 B (718 bytes)
Hash
6670867e209d2718c0e74e0bc3096483
09b56321bbe90e5d55afa55f15cdb454698415e2
1161fb747bf363aae320a8656da220b47bb81ff7c7149001c17b0697879bd405

HTTP Headers

GET /gstatic/wlc/icons/european/v1/promotions.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 718
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-2ce"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: bvEnXOa_MAQ7Q7pquzupnsr-jzSZ4hqkG1jeGb1WRtvG1HhVVjwX8g==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/european/v1/tournaments.svg

108.156.60.56

200 OK

1.1 kB

URL HTTP/2
biamo.bet/gstatic/wlc/icons/european/v1/tournaments.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2228)
Size
1.1 kB (1088 bytes)
Hash
1828bf24b2d3670ec906cc8b0983c4c6
7372b211d64907fce66ca00fdb432fa4edf3432e
d42d25f5dccbd7b937a5331d85d04a201e1a84f44c72fcdd73b7ccf99c36ce74

HTTP Headers

GET /gstatic/wlc/icons/european/v1/tournaments.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1088
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:24:30 GMT
etag: "6347f56e-440"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: arvNfVUlJlXluPo5yS2DDQfZ6nuqPmnAqczLWChBaU45cLx8tfqzPg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/european/v1/casino.svg

108.156.60.56

200 OK

858 B

URL HTTP/2
biamo.bet/gstatic/wlc/icons/european/v1/casino.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2014)
Size
858 B (858 bytes)
Hash
15abac6365ae16c7d514226b3b47286f
d79f8d239928afd7b6e2d3056d7dc9881b794432
8ab1737e6c56061d2aaa8a607d4f95b5c969775b46be5dda10f9dffc42efa8ea

HTTP Headers

GET /gstatic/wlc/icons/european/v1/casino.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 858
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-35a"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: agIXjOWeGynitbPPvQraA3E_-u2jlRV_PxhauqP37SZXmNe0dVeA-g==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/european/v1/sportsbook.svg

108.156.60.56

200 OK

571 B

URL HTTP/2
biamo.bet/gstatic/wlc/icons/european/v1/sportsbook.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (312)
Size
571 B (571 bytes)
Hash
bb1bd186d96067a50eaf022a084b7737
ca8cc5b2d50bc12a71198cecacf674e2c163f319
bc4714100d17b3873c81b7422b76bf89a15f899484a386e80c298076e788a970

HTTP Headers

GET /gstatic/wlc/icons/european/v1/sportsbook.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 571
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-23b"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: PXFHZtUqoeBJuJRfq-pR7C3c-PZx2DUpKYgfFdMqj5ev4gNCsPpgkw==
X-Firefox-Spdy: h2

biamo.bet/static/dist/667.f5f07494ca992278.js

108.156.60.56

200 OK

37 kB

URL HTTP/2
biamo.bet/static/dist/667.f5f07494ca992278.js
IP
108.156.60.56:0
ASN
#0

File type
data
Size
37 kB (36572 bytes)
Hash
10761dd10f7fd431f6920c8b4d4d688f
4fdbfc9fa5092b72c2e32f951e767a41a769e9ec
65ba81b4cd3f24336fe7988a3c692b18a88b06813af1810175a194a6c20691b7

HTTP Headers

GET /static/dist/667.f5f07494ca992278.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-2607d"
expires: Thu, 08 Dec 2022 17:58:40 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: eQlJh2Ca-oc4U1wFea4FJjGC-zCBAi3aXmTa7CafWE5_w8nYXRUzTQ==
X-Firefox-Spdy: h2

biamo.bet/static/fonts/montserrat/Montserrat-400.woff2

108.156.60.56

200 OK

89 kB

URL HTTP/2
biamo.bet/static/fonts/montserrat/Montserrat-400.woff2
IP
108.156.60.56:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 88804, version 1.0\012- data
Size
89 kB (88804 bytes)
Hash
6c8807219b0ecffdf96122b80df3e62c
135edfb07b1d07d329434bcf54bac05adf2599be
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879

HTTP Headers

GET /static/fonts/montserrat/Montserrat-400.woff2 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://biamo.bet/static/dist/styles.e6fc399f64891d18.css
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 88804
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: "639055c0-15ae4"
expires: Thu, 08 Dec 2022 17:58:40 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: VOxDv0ZSEBalfrI80Rt5wSBphY3BTGHmZLOGOGg4ji1n5nzH9bm10g==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/filter-merchants.svg

108.156.60.56

200 OK

795 B

URL HTTP/2
biamo.bet/gstatic/wlc/icons/filter-merchants.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (716)
Size
795 B (795 bytes)
Hash
8dced114baa134f36474c6576e92dfd7
b34c1150dc41b77fc058375edde04363baa54a02
86df121df8797461313777b0abb83f5627d98b8a64c80bd9d11ca87d06957ef8

HTTP Headers

GET /gstatic/wlc/icons/filter-merchants.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 795
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-31b"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: mktSnNr7OA4DPzBMkE4tP45dq7SE541is0lVjs2orv8STc1fRoAXNQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/wlc/icons/age-restrictions.svg

108.156.60.56

200 OK

1.1 kB

URL HTTP/2
biamo.bet/gstatic/wlc/icons/age-restrictions.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1478)
Size
1.1 kB (1141 bytes)
Hash
9d73c4bbec914e0c2c6a628a98ea7d25
3c45564e1b0662efa91c63be64a4f1edaf00b8f0
77d77ec4e7e1d66c4751e76d062ea1520023217f9bde71ac4ce991b616dc5cfb

HTTP Headers

GET /gstatic/wlc/icons/age-restrictions.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1141
server: nginx
date: Wed, 07 Dec 2022 17:58:41 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-475"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:41 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Vg1cPpSPYdX8PFBPCpCWnpj4lDqWXEYfBzx98iPoSjwkbHYzAwNpTw==
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10567 bytes)
Hash
b6f4dd03deb6114fec01808b034a711c
c74d29bba44dbb09158da4b9e1b490112c7db915
ddc6721d8a42821c458cf6d5c64ebd10ca0002c95a275be1732cd9ade7bf1b6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10567
x-amzn-requestid: b9b16cdf-bfa2-4e3c-b00f-1704dd3473d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgIC6EgLoAMF3hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638986df-3945eea57676d3f91f8f2b3c;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 05:02:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jq1EHQBqVeb9KBozcSUpieXUDHhouxr6YkJrhiqqZ4VP1ZwPV6LHEA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:57:34 GMT
age: 50467
etag: "c74d29bba44dbb09158da4b9e1b490112c7db915"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/lobby.svg

108.156.60.56

200 OK

940 B

URL HTTP/2
biamo.bet/static/images/categories/lobby.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
940 B (940 bytes)
Hash
cfc236846e4bf5fc95803ea60b01e78e
f4ba4803e16ec3f434d77626ab3e3a6435b56423
5c016cdab6e4cf7aa7eb9a69c31bed346433e70e1d83cbd27c2325b4e485db85

HTTP Headers

GET /static/images/categories/lobby.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 940
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: "639055c0-3ac"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xB7bOLcCdMeBxwHjQBui_2PKv1U64v368qdWUBXcbsUxLBOb3vksOA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/categories/halloween.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/categories/halloween.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/categories/halloween.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: gQA_Q1yAAr8HkspNa3-wImJQXqoxpZUh-O5GpP_dooL-jDry38MG4A==
X-Firefox-Spdy: h2

biamo.bet/api/v1/jackpots?lang=en&currency=EUR

108.156.60.56

200 OK

41 B

URL HTTP/2
biamo.bet/api/v1/jackpots?lang=en&currency=EUR
IP
108.156.60.56:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
41 B (41 bytes)
Hash
67b577783d7fc4f49d3c4995f5fedc7d
0d52bab965ad24c41b48d0502fed9974fbc09c2c
61ab03a0a60951f36ae77e9291519f64888544c3cad63f367e20523e786b37c5

HTTP Headers

GET /api/v1/jackpots?lang=en&currency=EUR HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UA-Fingerprint: 17250ada99912788642c1a45a66515be
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 41
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-geo-detected: nor
expires: Wed, 07 Dec 2022 17:58:52 GMT
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435922.191
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: NgBhl_4T5kvSgg1vQGvp5iDbPXLHTbfo3QWu5NEIiVtJS29u27Y2ew==
X-Firefox-Spdy: h2

biamo.bet/gstatic/categories/crashgame.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/categories/crashgame.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/categories/crashgame.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: b1bwyLBDMDuo2PsQG7ZcS0jm0Wx5nQW6IGEeP98ytPSlAjDhGabP0A==
X-Firefox-Spdy: h2

biamo.bet/static/fonts/montserrat/Montserrat-700.woff2

108.156.60.56

200 OK

89 kB

URL HTTP/2
biamo.bet/static/fonts/montserrat/Montserrat-700.woff2
IP
108.156.60.56:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 88708, version 1.0\012- data
Size
89 kB (88708 bytes)
Hash
1eaf59537a9c317acaa4b2c144cd89d6
c974c955950d5522a66abd7d2e388e03c177dd85
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3

HTTP Headers

GET /static/fonts/montserrat/Montserrat-700.woff2 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://biamo.bet/static/dist/styles.e6fc399f64891d18.css
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 88708
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: "639055c0-15a84"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: EhVTGTetH-cGgj8QKF7la9sFAgphdp7bEIOeJcwA4Utxh4X7EhE5xw==
X-Firefox-Spdy: h2

scripts.prdredir.com/scripts/k_biamo_bet.js

172.64.161.2

200 OK

7.6 kB

URL HTTP/2
scripts.prdredir.com/scripts/k_biamo_bet.js
IP
172.64.161.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1727)
Size
7.6 kB (7599 bytes)
Hash
b5b3a3c2aed0c32510033f239a0c88ad
ef26afa56b5328a73a59d5d66f386b175475fdc1
3a4d68cf245d9cdc69cf01bd09a9e9d4797040f98d150964e66ab5e154caf3f3

HTTP Headers

GET /scripts/k_biamo_bet.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 61de264d-ed58-49a7-8ee9-6a9f2515048e
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
x-runtime: 0.007254
expires: 2022-11-07 17:58:37 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXqCLe3YxC1HApAFei4ItpYWYARpi2u2xuFe81I%2Fzlq011XMrubXQP3qU1tinhrLoP3fG25EBGURgmMGDjQrXywsVSJL7NnBsVj4%2BpsYeZMdRSUwusJtIePeIqPpVtWlp1GZ%2FV5csA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775f2684196876f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/videopoker.svg

108.156.60.56

200 OK

1.6 kB

URL HTTP/2
biamo.bet/static/images/categories/videopoker.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
1.6 kB (1644 bytes)
Hash
e0340b05790f04ccf55fe902f3620c71
db4b63952bca80e4cc317b5c5200d29c87633cf6
0a26b654a11a14453897c77aceb339a52b1c09efd99c615fa78246dfb524920c

HTTP Headers

GET /static/images/categories/videopoker.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-d48"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: rVQ2LaROiCC1i43R_fILvJ0tZQ64DcIMoqo5dlDCG1NfW8SsMxkoEA==
X-Firefox-Spdy: h2

biamo.bet/api/v1/wins?lang=en&limit=20&min=1&slim=1

108.156.60.56

200 OK

2.3 kB

URL HTTP/2
biamo.bet/api/v1/wins?lang=en&limit=20&min=1&slim=1
IP
108.156.60.56:0
ASN
#0

File type
data
Size
2.3 kB (2343 bytes)
Hash
1149de9c66aa8f75b27095e3c2157393
4946cc71dede4f6e80d3e0512a77915e4e18ad5e
131e820d29d6fd596a64bc355f6cb9822d557c1fc211220321165ced5a1a2033

HTTP Headers

GET /api/v1/wins?lang=en&limit=20&min=1&slim=1 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UA-Fingerprint: 17250ada99912788642c1a45a66515be
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-geo-detected: nor
expires: Wed, 07 Dec 2022 17:58:52 GMT
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435922.068
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: AYHAQYOuK7cq7HNLKhZ2ZYOVhdopB0eMnLa-Cxur1P5NPIfAqWS2tQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/northernlights.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/northernlights.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/northernlights.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 6KeRY_3m02yIfhhsBo1ZWT4Z4ry4s23kkXR3SZa-MIoBAVEdenvKjA==
X-Firefox-Spdy: h2

biamo.bet/static/dist/720.4c45d7cc0ea0bb3e.js

108.156.60.56

200 OK

8.2 kB

URL HTTP/2
biamo.bet/static/dist/720.4c45d7cc0ea0bb3e.js
IP
108.156.60.56:0
ASN
#0

File type
data
Size
8.2 kB (8246 bytes)
Hash
0de872189da64e9aa47348c3b9ff5119
b5c4e6992b5ebb835bf29a7fe894cc0b5f471aff
ac759fe2246104da87b93d5c71725c0f1f66210a96f61e70c4f4224543d82acf

HTTP Headers

GET /static/dist/720.4c45d7cc0ea0bb3e.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-678d"
expires: Thu, 08 Dec 2022 17:58:40 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: brqABI_G_iOEwzV_Iz0wn7iIazQ975U0bHtyJHljEMaPpwAGWcpCUw==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/popular.svg

108.156.60.56

200 OK

1.8 kB

URL HTTP/2
biamo.bet/static/images/categories/popular.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
1.8 kB (1769 bytes)
Hash
a7fb252126500cebf5dea87af704dd1e
449f1f0ca70d69dc7816575e1b645422e1c53d80
64890675873db876e85d72ae77ffe8c2249f02a5cd15a7db65a3896f61beb086

HTTP Headers

GET /static/images/categories/popular.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-660"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: vpqK1fg9qKEJ9r1ogJ1wT45WSKwZJOnOFUr03SPaLezzBaeTM_YaGg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/electricelephant.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/electricelephant.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/electricelephant.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 9sucW0aG92j4JwKZ24qSRRRgjnzbqg0hk0k5Qv5Vc0TSBsxd0bsQwg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/alchemy.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/alchemy.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/alchemy.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: yIXQ8AMaqa4Yh7T3PSOzJs29FjankmE6sqEHN7X8MsgLdNCncME1Jg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/goldcoin.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/goldcoin.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/goldcoin.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: tmWcjLdJrRxzTs9qYIfvPjJyyEeFE3ixq29TEnQ_GPW1DvBbZu-sKw==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/bingo.svg

108.156.60.56

200 OK

1.3 kB

URL HTTP/2
biamo.bet/static/images/categories/bingo.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
1.3 kB (1305 bytes)
Hash
e7ff625e917059d573c2a47a07b01df2
8b93211e58aceb9f2eee7433bd5d0451aece2a02
23f965c489b82482eb84b5d3d72cf0208b658c1fd58754a03f69f90014be9033

HTTP Headers

GET /static/images/categories/bingo.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-bcd"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: K31XvCocavnQfDWIjLfVe45LrLw4c5ZpuGC9DtEUQXBmuzv8jY6qLA==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/tablegames.svg

108.156.60.56

200 OK

1.8 kB

URL HTTP/2
biamo.bet/static/images/categories/tablegames.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
1.8 kB (1806 bytes)
Hash
5f57e02d89d81087967b8eb2d5021ccb
2d72bd2563035d8db2c716cba76ff6912f5f0726
056826be446f31d7296476255fcd3b1e79003ffb243a3ceead6d3879cd4144c7

HTTP Headers

GET /static/images/categories/tablegames.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-14de"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: tBZUhkLtkQmlffpgFv9G95sboISWfn_KOjdZwGbU0Tha6Tk8ip_Pvg==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/baccaratglobal.svg

108.156.60.56

200 OK

1.7 kB

URL HTTP/2
biamo.bet/static/images/categories/baccaratglobal.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
1.7 kB (1684 bytes)
Hash
c8172fe565261f582091e8003ce784df
1830b0939ae767b39be0e0320c69d7f6905a9b9e
b91bfcb8533fc89c6072daf7bb2a50d240365e53436bb819bab829f36575a0d6

HTTP Headers

GET /static/images/categories/baccaratglobal.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-135f"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: aPnggsRXnfPTHYZpL070_6C2WuI2bwTjfddrurfquzMpv2bwEcFvEQ==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/blackjacks.svg

108.156.60.56

200 OK

769 B

URL HTTP/2
biamo.bet/static/images/categories/blackjacks.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
769 B (769 bytes)
Hash
0c647427bacfa0540ab412f43172fa33
6dd2e59fd90579dc7f5ed45810257f56027f4d28
8146128bbf3a748cd68b3e493b4c9f5209c7b13810dcb1f9782a27a38a435623

HTTP Headers

GET /static/images/categories/blackjacks.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-4db"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: rT1Ej7JkeNluBNAGWYKJdOLi5pLqXJkXkkqFCW2Q_SXWrNu51f9fSg==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/slots.svg

108.156.60.56

200 OK

1.6 kB

URL HTTP/2
biamo.bet/static/images/categories/slots.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
1.6 kB (1632 bytes)
Hash
4140bf60dd290acd1607dab268bdaf4e
fc1c14d8cd0784cafd95e9d9a51351e3567a521c
d7f283344cc194530fbaf2fcd7784e70efc7bda5eaf5d6b404c70280ce6fe973

HTTP Headers

GET /static/images/categories/slots.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-1bbd"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: kL-I7RRfOulPkP9ojxdA4DbUJm1U5Qg2aamflSRAHOrhX6oT9MdEsA==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/scratchcards.svg

108.156.60.56

200 OK

1.1 kB

URL HTTP/2
biamo.bet/static/images/categories/scratchcards.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
1.1 kB (1081 bytes)
Hash
ce77ff18ea5e50d28b55876c304b5b62
6d7d375a4b9c701ea2dd0898ae6cc333123c13d2
a6deb79bbf5a748be6241ab02882c7adc9beb518f5d1eb1b2017268198b22b7e

HTTP Headers

GET /static/images/categories/scratchcards.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-80b"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: T-tOtO7F2zJfpdZMSaNC9nY8E8_yVV_00eJap0l60Vj6CRzFcS_WGA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/storm.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/storm.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/storm.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: pDxwaOvapu-dOTzVRDzuWXAWps0AweesO6skhoJFETRGhnVXNGBdaA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/spearhead.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/spearhead.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/spearhead.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: XYikB6PSMzBYdOC_vl6Y8CyLEgf8jVN1Fmgaw-Z8LbNWx4yvelo5WA==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/jackpots.svg

108.156.60.56

200 OK

2.0 kB

URL HTTP/2
biamo.bet/static/images/categories/jackpots.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
2.0 kB (1985 bytes)
Hash
d7347b763e183f0286fde714efe656f3
5713ad0058cd604c239945d7b498c499e536cefc
01ab3a6d1910c4dd064d8c7d05d2d04e29fc8912cc34c7ee06ecb1ecdef00796

HTTP Headers

GET /static/images/categories/jackpots.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-14bc"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: eiows6ogZk7EJtIZXR81HIabOPZ2fUnaCvi2-DxXZ0AevsLGsGyV9g==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/cayetano.svg

108.156.60.56

200 OK

902 B

URL HTTP/2
biamo.bet/static/images/categories/cayetano.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
902 B (902 bytes)
Hash
e80f8b874fe0af2ad677cd27844ad021
38cb85ab16f2490ecee32d35149fd517d21e4a95
8384c620c80a89bcaa4ecefe79543f2521fe685655c7898040be7c64a7ab2e77

HTTP Headers

GET /static/images/categories/cayetano.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-79e"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: G8FtaZAMNqzbVSBYSHB9CxPJ2UUPjnnwCDg5HXGRrgdpHGhX84JnTw==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/pokerglobal.svg

108.156.60.56

200 OK

2.3 kB

URL HTTP/2
biamo.bet/static/images/categories/pokerglobal.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
2.3 kB (2283 bytes)
Hash
cb8b4c427e699e49c935c733af31daca
7aa275a2ae859f3a1f31dc82921c2df3d239bbca
41b86a03002f0e87ccbbcbdcc8974a245162c8fee23d929c06473a49c08e901e

HTTP Headers

GET /static/images/categories/pokerglobal.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-14c4"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: czB9eMkTTadh7e8aL-j82YHPwUwpRFXnER-SM064QCXNm1NZjHLE2w==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/skillzz.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/skillzz.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/skillzz.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: kVgWVmEelBeRsV67BbLZmCueVGug27Qu6Wd6QhD23MCw5LpxZPUkHw==
X-Firefox-Spdy: h2

biamo.bet/static/images/categories/virtualsports.svg

108.156.60.56

200 OK

890 B

URL HTTP/2
biamo.bet/static/images/categories/virtualsports.svg
IP
108.156.60.56:0
ASN
#0

File type
data
Size
890 B (890 bytes)
Hash
586adf363e3bcb57e8bed6c2fe96d12a
54130e8a253785965ef9bc61ca6b7154f664ca22
c57b724209fd5217c083d0deefe3a90945d537feeb02707db9958b7caf608377

HTTP Headers

GET /static/images/categories/virtualsports.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-813"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: UL7u86t2Rp9YxA_4FD-c3jGFSjFO6FyoVKc3hpYxp6Kk-yr_RBNpuw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/rabcat.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/rabcat.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/rabcat.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: _4sSRj4f1D9wqq-IwROvDiq4A3Xj7gOV4ShQJ-SQutFaLLO0ZbcuPg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/realistic.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/realistic.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/realistic.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: riZxmXBv3D0j91PI5I6xqE_PHMYwTh52ajDnTdSMii6KUwjHe7tnKA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/microgaming.svg

108.156.60.56

200 OK

3.6 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/microgaming.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1194)
Size
3.6 kB (3591 bytes)
Hash
b6917a600822d84983caefa1c26a5708
e46135fbec25ad8493b799628a029f48207a1ca9
b8930c07092384078fc60b9fabab1f38331934ac856c3ef459fb204254d146ee

HTTP Headers

GET /gstatic/merchants/svg/black/microgaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3591
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-e07"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 2r47NxCVv_QZc8H-5U9cg3IoNFwp_8-NX2lnI4mnNmue6dlZ6r3XeA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/oldskool.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/oldskool.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/oldskool.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: XbtHLlenqlncERpnFLKNE-PYzdDHKbnjmgER-ze1-Xn_NEgCd9bJ1Q==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/pearfiction.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/pearfiction.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/pearfiction.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: x_x8W0C_OUreYrCd1wUz9aHTw_0tu8igbTFmErNwWz6dBAb3-eUnCg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/pulse8.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/pulse8.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/pulse8.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ReqE21sOU9FmY9dVI_Sy6uN8SQX1jFl7wIrLZaUoApIcvqEtTL7jmw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/lightningbox.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/lightningbox.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/lightningbox.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ZacOaEl4WxprkPWBSMDddBRYGRSPBvz2LlfNGmO22ZFBvH-vmuVLwQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/neonvalley.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/neonvalley.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/neonvalley.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: oHbkgqUTCIoW_jPgk7vJAwQP5iGboKC_C6BIQ5NMNJ-SMWech22mNw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/hacksaw.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/hacksaw.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/hacksaw.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: o4td_I-GoI6SK8L7RmUFmezvgCBXPals3g4DUBa5ifUDIfi9vUUTAg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/jftw.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/jftw.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/jftw.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Ap-v7ju68HqdIxKwdygX5MvCgKr8N5hwxH8wo2LYsT600PIgBKS18A==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/genesis.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/genesis.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/genesis.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 86nbweessnPL3A4nAcASfrumz8iBW6bu2jA_vJtED9QmXX2smWD38g==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/goldenrock.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/goldenrock.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/goldenrock.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: yd7v8IZvXJlr6BaOlCigIQJ3QlAPSH0HeK-HD8OFpydS2zGhOwzrmg==
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6352 bytes)
Hash
ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r-NqeoEPWQKepiifIrDHs4FBzgaKiEkEBRd8egTfi6Lnyt7Nrc8cNg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 69998
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/fortunefactory.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/fortunefactory.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/fortunefactory.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: aFAuIBcAlkG2AQNf2K4EF72gMQPNwaEoj52fR99JIAmqW4j3mIGnjA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/foxium.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/foxium.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/foxium.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 79yVelw14_zbpr_QyaajEqj1w1Q4NVfuUz5joTBiYXOrG_YFCJ84SQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/gameburger.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/gameburger.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/gameburger.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: WBXLhZPLKv8YnOCXs6oa02owc1H-Nsp_expZamdpQC70ipxd8STN2g==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/dtech.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/dtech.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/dtech.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: eR50QorYxdHQfAhIT_cSBGiaZZNdTajLHjaRvKaJkKFtE5hbVpB8iA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/gamevy.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/gamevy.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/gamevy.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: rXwLb8TU__Bwr7vX_UPOohJmKnfOC69gbEMSP7Km-zecv8op9ikS9g==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/bigtimemg.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/bigtimemg.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/bigtimemg.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: r4m434xbyT7TZqMy4o159ivi00ojdQ_f_c09gy1l016wH2ldzup6yg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/all41.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/all41.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/all41.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: _Qfbp1mvSYstYgjZlEzHzabP5yx_2kjmHiLl_cZ00AZxxMudPzXa3w==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/crazytooth.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/crazytooth.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/crazytooth.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: WjElpYgqC4zvPFi0YazA07kWpzv0tCxOcV8Q1AcDC4Pb3dMod7jgLw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/mga.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/mga.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/mga.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 9JNM4Gso07aZCen7OsjYnpNmy8mbeCcwDR9exrqpPZQob7sDx___5A==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/merkur.svg

108.156.60.56

200 OK

2.2 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/merkur.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5371), with no line terminators
Size
2.2 kB (2187 bytes)
Hash
95367ce3534364666740edffd16a9266
b1ed8e88c80262d3e54ef79d194569c736c72422
a61e7d07b22dad54449aeb6d0ac59112fe71535c988495a4c5a340418399855f

HTTP Headers

GET /gstatic/merchants/svg/black/merkur.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2187
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 03 Nov 2022 09:36:30 GMT
etag: "63638b9e-88b"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: luXNl29fbmFR24NkKdp78zGLM5N2jIH2kcfnSz17-kIKErEz94nfqA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/plank.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/plank.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/plank.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: LFDgAkBAyb6Ft3goCWAXdGTzUGTtffslIlUsh1bGPqQlFapv8dVefg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/2by2.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/2by2.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/2by2.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ysojqnrUBJLVe-8QMlegQ2FDOiSYfUT_kQihzvnmTZYGWQCwhzXfLg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/eyecon.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/eyecon.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/eyecon.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: YaeRobr5jnoj9q7G6ddLygingDt7lh9U46Xn9TVuEO__qbemuaJluw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/blueprint.svg

108.156.60.56

200 OK

3.9 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/blueprint.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1243)
Size
3.9 kB (3919 bytes)
Hash
7a06b07efce00d3c521475f0a92302ed
88c2cc692cb12a645bc4bdf0ff20255f11b09943
b92140e29f1dc43891ac571187cab2b97946033ab102c49a31bcc77d0fae3261

HTTP Headers

GET /gstatic/merchants/svg/black/blueprint.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3919
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-f4f"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xkNThG8UVSVmctX2oll9p8Awdijj5dFfEa0GRMAtAsKvgLI2sAyf8Q==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/reeltime.svg

108.156.60.56

200 OK

2.1 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/reeltime.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4348), with no line terminators
Size
2.1 kB (2124 bytes)
Hash
9f79771d55aed39ae3706409b9b5a404
c33e581085a6b2dc4d2e7668822a05ed644c4b25
8775eabb7bdfed3329e670001d527e4240ee849f5ed8ac687d5477f45390edb0

HTTP Headers

GET /gstatic/merchants/svg/black/reeltime.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2124
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-84c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Del9XF3C-MSWNWb9Qubgeaae_6QrCmx31aYHgi4VpqCe1xA1fI5xuQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/spribe.svg

108.156.60.56

200 OK

1.7 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/spribe.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1240)
Size
1.7 kB (1701 bytes)
Hash
e0f71fef65ad4dc6ec64914d44eff122
6041e1a24977d563c65005952860100e1ace9996
a006a454065798cd63e269b789813d1b0b7a39627af0c36c94366ff01d7b79c2

HTTP Headers

GET /gstatic/merchants/svg/black/spribe.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1701
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-6a5"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: zX17N7x9jx3uCy9IQJeBcJFPpbVdCw38hi3QPaSLj1RWjLzgBSWKtA==
X-Firefox-Spdy: h2

8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png

143.204.55.67

200 OK

68 B

URL HTTP/2
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
143.204.55.67:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

HTTP Headers

GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Sun, 27 Nov 2022 10:04:53 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vr1ujiguGdgBdB8Equa9rp5-EKSNVe7Ui9n0aLDMdBqfSDYktRwnpQ==
age: 892430
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/bigtime.svg

108.156.60.56

200 OK

2.7 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/bigtime.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5316), with no line terminators
Size
2.7 kB (2685 bytes)
Hash
4ddc176e3f00278ce7b5debfd084eef8
887ec579ea6a1a33bd422d0a78af7b450cfe6aa5
0f989120af9add0d97b767e2f0a51fe16d31b8c65632c2d3da85e1a7201ecba4

HTTP Headers

GET /gstatic/merchants/svg/black/bigtime.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2685
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-a7d"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: W3VZMtAFcfcVTiTns_SouNdswqoLJMzH8aHnRNcYkEj3ZMY_8e6KzA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/smartsoft.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/smartsoft.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/smartsoft.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: QVJtZmqNJN_ortqP8tFQDTlqQuy5RlB7l7pOsYUYPWKYOOKAz1EWJA==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

biamo.bet/gstatic/merchants/svg/black/high5.svg

108.156.60.56

200 OK

1.4 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/high5.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2859), with no line terminators
Size
1.4 kB (1439 bytes)
Hash
634454a0eda0dcc24fff2c687a536e53
9e238ab5eab5267b01b0586b719c0dabe660f1e0
34355be3346bcf5411ae2aea8788931c58fbcae501729aeddfe06c0db71e6efe

HTTP Headers

GET /gstatic/merchants/svg/black/high5.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1439
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-59f"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xCWhoRdp04Vj_snljxKrg_Mej6xR8EadxEb7SMIMNHIXlduVMC7rJQ==
X-Firefox-Spdy: h2

biamo.bet/static/dist/435.dc5a588e2b66e929.js

108.156.60.56

200 OK

25 kB

URL HTTP/2
biamo.bet/static/dist/435.dc5a588e2b66e929.js
IP
108.156.60.56:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (25116 bytes)
Hash
78e770b348681e48bd514c1873675657
80f96c006a2fd5baf8bdd1922dfa2bf4f1a96190
b28a17bb7776b9b2df76a7f51c4194d06b59002eb3ab12b53a2428004ea94af8

HTTP Headers

GET /static/dist/435.dc5a588e2b66e929.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-1f8ad"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: NASPrioTBn9ItcUWtqC8SGevgW_LAjMRqEACK7ck_AHQOGXA0ipbmQ==
X-Firefox-Spdy: h2

biamo.bet/static/dist/837.e385b283ba609b72.js

108.156.60.56

200 OK

34 kB

URL HTTP/2
biamo.bet/static/dist/837.e385b283ba609b72.js
IP
108.156.60.56:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34064 bytes)
Hash
8d19a8fc47e37a286ef0be21513223b2
bfd08f922646cc786b51ebb28b10da6735dd7332
d27ac15b98419910bcdd31bddeb91c567c9628302a62b6e22e755db3adf6d531

HTTP Headers

GET /static/dist/837.e385b283ba609b72.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-290e6"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Kv1wOpHpPxnDh-nWsmsF1aQU3hiQK6AQYSjzFu5UNZeYLySe0DobxA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/relax.svg

108.156.60.56

200 OK

2.1 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/relax.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4897), with no line terminators
Size
2.1 kB (2124 bytes)
Hash
fda8a209fcffee68688386483af695e8
556895addb1447f58e0f7b321994819e481108f3
9a105779eb37a2b78722c3e1fa83c4b048381eb9e797491840bd90912eb05f5b

HTTP Headers

GET /gstatic/merchants/svg/black/relax.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2124
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:16 GMT
etag: "6347f434-84c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ujLSEq5WaQy4j00hEK3e9n9M-mqWOMuobLibzP2AFTDfGbTXz83JRg==
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO

216.58.207.228

302 Found

42 B

URL HTTP/2
www.google.com/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11641679.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/reelplay.svg

108.156.60.56

200 OK

8.6 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/reelplay.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4523)
Size
8.6 kB (8645 bytes)
Hash
2cfc29651d85352bd457f6e35793e0a9
9d3cac31d311338cc4c0e1b84796060620b293bc
c4f7b454104153f96bb05970bb87677f7c6ad938a872b7010e264b264d5cdee8

HTTP Headers

GET /gstatic/merchants/svg/black/reelplay.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8645
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:24:28 GMT
etag: "6347f56c-21c5"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: z39q7xE1Cm2bNYqJNmfjUnOYluua5V065btk-vdtiDhxw1_XOQCi9w==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/pushgaming.svg

108.156.60.56

200 OK

1.6 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/pushgaming.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (716)
Size
1.6 kB (1594 bytes)
Hash
bf0a1e4109f68fd0dbf1d471a164ce42
4e5e22daf9ddb5f530b6e718310b6430cb643d98
30776036ba4384e414ecee78935ceb0a967d74ddb1ba1ba99a9082b4e4be70a1

HTTP Headers

GET /gstatic/merchants/svg/black/pushgaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1594
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-63a"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: WASnJfYNod2l4IuY06GkXD0uliPPiGoYIvNnbD_aa5XzTvsfcZ7E0g==
X-Firefox-Spdy: h2

8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/sealassets/0946832bf0e7bbb4d2975bc68c410bba-www.biamo.bet-5c2667c8f3109312b30c2fcbe6b233536b3dbea9f15707ac31ba7ac68aab9a059d850af0c533f63d0f6440cae96f6d52-c2VhbC5wbmc%3D?status=valid

143.204.55.67

200 OK

46 kB

URL HTTP/2
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/sealassets/0946832bf0e7bbb4d2975bc68c410bba-www.biamo.bet-5c2667c8f3109312b30c2fcbe6b233536b3dbea9f15707ac31ba7ac68aab9a059d850af0c533f63d0f6440cae96f6d52-c2VhbC5wbmc%3D?status=valid
IP
143.204.55.67:0
ASN
#16509 AMAZON-02

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (46382 bytes)
Hash
375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281

HTTP Headers

GET /sealassets/0946832bf0e7bbb4d2975bc68c410bba-www.biamo.bet-5c2667c8f3109312b30c2fcbe6b233536b3dbea9f15707ac31ba7ac68aab9a059d850af0c533f63d0f6440cae96f6d52-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Wed, 07 Dec 2022 17:58:43 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775f26a6ac979be0-FRA
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NqRCXU6e1E73y_wWiySNn3KpsNZHuei-c5P5Ks4evESDjWEy07agMQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/beefee.svg

108.156.60.56

200 OK

2.1 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/beefee.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1154)
Size
2.1 kB (2093 bytes)
Hash
da02e6c53f231636f6bb1af8738ea129
d2e8c74530e90cbd2a20b600d450d799c1cb574d
954bc9f7ca11f7106b6f3d80463dba25c403e33e1da584ee1cdb88137f58c4a4

HTTP Headers

GET /gstatic/merchants/svg/black/beefee.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2093
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-82d"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: PRuhPPiByMp6HutgfeNkOB2W_e3-Ej8WJ4a-PgcBDlJU3QkTcYAP5w==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/thunderkick.svg

108.156.60.56

200 OK

3.5 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/thunderkick.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1044)
Size
3.5 kB (3456 bytes)
Hash
5412f8841972e41ff2d9555d2728da33
11b502351a09f0218376935bc2a722c157c03ed4
35c592333deb26018a85836c2cee5c37c9eb8396c2bf1f04be3cb9322bf72cd9

HTTP Headers

GET /gstatic/merchants/svg/black/thunderkick.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3456
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:16 GMT
etag: "6347f434-d80"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ToRSjyx6_H-04-bE_8AzjIn748OCkhWwlLoM6xNLKmpFrdM2YyNwnw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/elkstudios.svg

108.156.60.56

200 OK

1.6 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/elkstudios.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3017)
Size
1.6 kB (1634 bytes)
Hash
caedaf8030817a2a7bc45ed5e987e92f
0232e39f74b4cd93858fbd49c9638914d58a8c97
714cc169a3e24b0612cbaafe65e34066585a6d563f17292dff3eebc70fc291fd

HTTP Headers

GET /gstatic/merchants/svg/black/elkstudios.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1634
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-662"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: vleruohrpupjkrXn-HgPksI7tP7hy8ECNoDfflxfROVcL0AS0rFcNA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/3oaksgaming.svg

108.156.60.56

404 Not Found

146 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/3oaksgaming.svg
IP
108.156.60.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /gstatic/merchants/svg/black/3oaksgaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Y3VJgUiI71mmjFqpRc4E4-fwIIBAu6VeY1goPFC2UMR8WUm2xwP6hA==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/fugaso.svg

108.156.60.56

200 OK

1.2 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/fugaso.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (673)
Size
1.2 kB (1201 bytes)
Hash
d734c040417473b80e1774ed34581da9
702a4c8f918aaae6e252e4d4ac33268d3f958895
7b88b9a9fc746ce0f59b700acec5cb5f52ca13ee0a55c8dc6e560644455997bb

HTTP Headers

GET /gstatic/merchants/svg/black/fugaso.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1201
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-4b1"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: oq72YpHru5s_Yk8nDp2T_16lJ4mtmEkXiSDcLf95rlwRv6zGIiRAXw==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/realtimegaming.svg

108.156.60.56

200 OK

2.6 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/realtimegaming.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (733)
Size
2.6 kB (2614 bytes)
Hash
d9c250fb7a4744ec853f0e9ec1374e12
25d5d6db92e08f9f8c7d125adbefb8412ef02f16
d0cdfc9b0bcc9a47e9af2d91e62e89e25b8c1a412638c79b9a95681db4557323

HTTP Headers

GET /gstatic/merchants/svg/black/realtimegaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2614
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-a36"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 5QG5bSFhK9SQXBq5lv7WKK38bLPyeZcrWNo8mt1c4WQyEfZjG4bHig==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/igrosoft.svg

108.156.60.56

200 OK

3.8 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/igrosoft.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1312)
Size
3.8 kB (3848 bytes)
Hash
ca01c3d6dd49a8bed99783eb5d13fa33
fef8f78f87bd1e2815d62380ccb0a03daacb1b8e
6e49372d55e8e9ebddaf6e121493b7267e7964efccf1128c8572ceffe9adce0b

HTTP Headers

GET /gstatic/merchants/svg/black/igrosoft.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3848
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-f08"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: aZ72FUEFi_5ZlqJS0ZMm5Y-qw3NX6P67lTp5Ku45w1-X0zN0zAKs2Q==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/genii.svg

108.156.60.56

200 OK

1.8 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/genii.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2262)
Size
1.8 kB (1786 bytes)
Hash
4d97edfa5cebb763f46930e7164f0b14
69df9a283f8083f6ebce09d69f94e9ebe5e46745
19b384851c08eca1f2fc6c9dc601807ff63c08042a4d080ff2ae467aa798de9a

HTTP Headers

GET /gstatic/merchants/svg/black/genii.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1786
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:16 GMT
etag: "6347f434-6fa"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: hLWYlu5lfgzs0C6ejFPe3tFeH_6o-bpBognwKce0HW9PWig1xvUgtQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/redtigergaming.svg

108.156.60.56

200 OK

7.7 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/redtigergaming.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12682)
Size
7.7 kB (7735 bytes)
Hash
250678e84b10dd7e33e048545e4a907a
0426522f1698c202f83eeb8c3664db4826c8deb4
b04900ffd6b0fdcc0b8049d8ab945422d0a2b66073227db52c31a77592e68ece

HTTP Headers

GET /gstatic/merchants/svg/black/redtigergaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7735
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-1e37"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: uw0-r-rNnULSYboLS-aiMWWA4VuzEamiK1WF34JGPfmqwZcEd915yQ==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/evoplay.svg

108.156.60.56

200 OK

2.8 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/evoplay.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2706)
Size
2.8 kB (2840 bytes)
Hash
fa084b96ab803413c31371c77066621f
c73ac60a87ee8532be3e0b737ea0a7d28ce91771
cba58b8445fe6258901f8000e00b3c8731eeeb8204b4a3d3c4c83c77954e4724

HTTP Headers

GET /gstatic/merchants/svg/black/evoplay.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2840
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-b18"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: m2ajpCHMjdDCo37EHbDIyDUUlJrR2ATloL9tqlJfYF9HeV1uPdNGig==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/livegames.svg

108.156.60.56

200 OK

3.8 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/livegames.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1524)
Size
3.8 kB (3822 bytes)
Hash
725b71ec066803c997676954c6fa27de
26894f767f7f501fc961dfe2670c7fcb31946dd8
54568809610ae42e91de5eddf2687e4a3a710cd017c9d4d82f0d23bbe49bf241

HTTP Headers

GET /gstatic/merchants/svg/black/livegames.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3822
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-eee"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 8fsOVDjZrd5e1-ul0PNlMSRg88nAaJ4AqluMq2FPh6N0nqT_d4qElg==
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/wazdan.svg

108.156.60.56

200 OK

1.1 kB

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/wazdan.svg
IP
108.156.60.56:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (371)
Size
1.1 kB (1084 bytes)
Hash
7f258b175540f0d3731fcb6b50694512
65d18a074c2dbddc5cc70b33a49c2602a8ed509d
b284a09a02ff07bba4f816d0db7458745e9f78c40bbe28909cb5e1bd327764b4

HTTP Headers

GET /gstatic/merchants/svg/black/wazdan.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1084
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:28 GMT
etag: "6347f56c-43c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: r7xS6nGd9pGqZSZswyY3wU0vIIJEyYDQcqFag5vwvDAIqP3IJAffYg==
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.226.52

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.226.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1426
expires: Sat, 10 Dec 2022 17:58:37 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 775f268369920b69-OSL
content-encoding: br
X-Firefox-Spdy: h2

biamo.bet/gstatic/merchants/svg/black/nolimitcity.svg

108.156.60.56

200 OK

0 B

URL HTTP/2
biamo.bet/gstatic/merchants/svg/black/nolimitcity.svg
IP
108.156.60.56:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gstatic/merchants/svg/black/nolimitcity.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4113
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-1011"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: qE1ohUCFywpTOlcPAL8KHSAXCNjhqIvp4Z089kOf2QAI2a1IqNskNA==
X-Firefox-Spdy: h2

biamo.bet/static/css/app.loader.css

108.156.60.56

200 OK

0 B

URL HTTP/2
biamo.bet/static/css/app.loader.css
IP
108.156.60.56:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/app.loader.css HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 07 Dec 2022 15:16:08 GMT
last-modified: Wed, 07 Dec 2022 09:02:03 GMT
etag: W/"6390568b-4ef"
expires: Thu, 08 Dec 2022 15:16:08 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: U0HsuP2ny7hly4V0hywselFVbri_vW6_9BRm2a0RkNZCzk3vVZZOxA==
age: 9749
X-Firefox-Spdy: h2

biamo.bet/static/dist/583.4a26d08e24748054.js

108.156.60.56

200 OK

0 B

URL HTTP/2
biamo.bet/static/dist/583.4a26d08e24748054.js
IP
108.156.60.56:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/dist/583.4a26d08e24748054.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-c890"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: vFFxrVy_54IyNz8mjXw2Tz5DZjoXX3PB_9bCP050nSQNF7N61pOpeg==
X-Firefox-Spdy: h2

biamo.bet/static/dist/271.6f5cbf7ace0cb80b.js

108.156.60.56

200 OK

0 B

URL HTTP/2
biamo.bet/static/dist/271.6f5cbf7ace0cb80b.js
IP
108.156.60.56:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/dist/271.6f5cbf7ace0cb80b.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-8878"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: HF5vHt5cLe_hD1SncHTumeh679s7b854-uPbI6sy5_Z_Frsdf0tTrQ==
X-Firefox-Spdy: h2

biamo.bet/static/dist/459.d1997ede2f658adc.js

108.156.60.56

200 OK

0 B

URL HTTP/2
biamo.bet/static/dist/459.d1997ede2f658adc.js
IP
108.156.60.56:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/dist/459.d1997ede2f658adc.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-3eaa"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 7FsQ0m6xGsvCtav9AV5zbdKb9wurqQsZ70Z-sBw_HCz2B-F3a2adGw==
X-Firefox-Spdy: h2

biamo.bet/static/dist/974.f30a90cb0ba9f426.js

108.156.60.56

200 OK

0 B

URL HTTP/2
biamo.bet/static/dist/974.f30a90cb0ba9f426.js
IP
108.156.60.56:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/dist/974.f30a90cb0ba9f426.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-911"
expires: Thu, 08 Dec 2022 17:58:38 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: PDGD0vPxdhjLLwEijupAIlfp8-yWERIqzp94XZDD5qmlH5Qs3i0MUg==
X-Firefox-Spdy: h2

foodheed.com/irtu/?QBOT.zip

199.188.200.95

404 Not Found

0 B

URL HTTP/2
foodheed.com/irtu/?QBOT.zip
IP
199.188.200.95:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /irtu/?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://foodheed.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn

88.85.94.246

200 OK

0 B

URL HTTP/2
thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn
IP
88.85.94.246:0
ASN
#35415 Webzilla B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 17:58:36 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Wed, 07 Dec 2022 17:58:36 GMT
set-cookie: kadCCap=218665:1:1670219511;221398:1:1670061406;219484:1:1667715065;212269:1:1667199062;222582:1:1669973958;218693:1:1669515516;79610:1:1669272875;223255:1:1670393482;219652:1:1669330335;220335:1:1670435916;194136:1:1669413157;215297:1:1669786163;221352:1:1670163762;222513:1:1670219541;132751:1:1669884292;199455:1:1668245056;222775:1:1669981400;219047:1:1667194435;220790:1:1668460505; max-age=1701971916; path=/
kadACap=419323:1:1669947125;451724:1:1669565807;446714:1:1669965428;410252:1:1669943525;458045:1:1670426588;419299:1:1669735589;451139:1:1669898733;445735:1:1669286676;346329:1:1670226206;419303:1:1670398063;383700:1:1670275546;445788:1:1669918420;407100:1:1668246232;458041:1:1670424583;445506:1:1669286676;449523:1:1670210030;419293:1:1669526430;190964:1:1669272875;419297:1:1670425925;424441:1:1670396486;444748:1:1669841678;419321:1:1669463839;453831:1:1670244468;419301:1:1669646033;445499:1:1670164226;446013:1:1668228435;446531:1:1669270846;419291:1:1670274736;346327:1:1670398317;401659:1:1670416416;442019:1:1670232446;272913:1:1670219562;419295:1:1669929223;450649:1:1670060949; max-age=1701971916; path=/
kadCSCap=223255:1:1670393482;220335:1:1670435916; path=/
kadASCap=458045:1:1670426588;424441:1:1670396486;401659:1:1670416416;458041:1:1670424583;419297:1:1670425925;419303:1:1670398063;346327:1:1670398317; path=/
kadRPixJ=bnVsbA==; max-age=1701971916; path=/
kadUnP3=CAsQu/C/nAYaDQioiJcCEAIYit3AnAYaDQiIrZcCEAEY74DBnAYaDQjowJcCEAIYg7HBnAYaDQiQrJgCEAEYxvTAnAYaDQjgrZgCEAMYoJDCnAYaDQjzwZkBEAEY7YLBnAYaDQivp/4BEAEYu/C/nAYiCggDEAoYit3AnAYiCggBEAEYu/C/nAYqDAikkygQAhiK3cCcBioMCNqXKBABGO+AwZwGKgwI85ooEAIYg7HBnAYqDAiKqSgQAxigkMKcBioMCMPpDBABGLvwv5wGKgwIjL0SEAEY7YLBnAYqDAj09CcQARjG9MCcBg==; max-age=1701971916; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&sh=1024&sw=1280&date=1670435917170&fp=uid-0439475507.0589206147

172.64.161.2

200 OK

0 B

URL HTTP/2
rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&sh=1024&sw=1280&date=1670435917170&fp=uid-0439475507.0589206147
IP
172.64.161.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?ref=&lp=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&sh=1024&sw=1280&date=1670435917170&fp=uid-0439475507.0589206147 HTTP/1.1
Host: rtg.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: image/gif
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4d0a342e-fb5e-4938-abdb-232bc73b1e83
content-disposition: inline; filename="pixel.gif"
x-download-options: noopen
content-transfer-encoding: binary
x-runtime: 0.001703
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: fp=23c9a34a-9dc1-4d1e-937b-3a509bde3d76; domain=prdredir.com; path=/; expires=Tue, 07 Mar 2023 17:58:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97riGSe4icscMKUMaUSBLSoJBSm8I0to1v9YLce%2F3MZ4xP6gY2uaD4wnpaZc4oIUkWEOVkbDSDedXSMJKssc5wbjTJcpcqyOPH1GJS0pjSb2EOUnduLeyX5vujYNO0kt%2BJDk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775f26852aec76f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js

143.204.55.67

200 OK

0 B

URL HTTP/2
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js
IP
143.204.55.67:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apg-seal.js HTTP/1.1
Host: 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Wed, 07 Dec 2022 17:58:41 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c33-ea5IxAZk6sDvNJXer+bM2DNdzOM"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775f269aec2d90fe-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bm3eGzfTsXLLyQ8bNlBBIxDesBGmououmPjtp10xmoVaYUoa7Chl8w==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations